From sh.vahabzadeh at gmail.com Sun Apr 1 01:58:34 2012
From: sh.vahabzadeh at gmail.com (Shahab Vahabzadeh)
Date: Sun, 1 Apr 2012 11:28:34 +0430
Subject: Outdoor Wireless Access Point
In-Reply-To: <74945.1333237748@turing-police.cc.vt.edu>
References:
<4f7789d3.c70eb60a.1cc5.7ef6@mx.google.com>
<74945.1333237748@turing-police.cc.vt.edu>
Message-ID:
Hi Valdis,
Thanks for your time and your answer. Of course I know how to search in
Google or the internet.
But the problem is as you told to have a good network and launch the best
solution.
And not do wrong things once more.
Thanks
On Sun, Apr 1, 2012 at 4:19 AM, wrote:
> On Sat, 31 Mar 2012 15:48:37 -0700, Network IP Dog said:
> > I'm utterly amazed how many people give away free consultant work.
>
> A lot of us are quite busy with $DAYJOB and not in a position to take on a
> consulting engagement - and there's no good micropayment infrastructure to
> deal
> with 20-minute consulting gigs anyway. So we give away 5 minute chunks of
> our
> time for the benefit of the networking community. It's a large chunk of
> what
> makes 'best common practices' evolve. (Hint - that consultant you hired?
> How
> much of *their* knowledge did they acquire from other people's free advice?)
>
> And those of us who *do* go looking for consulting gigs often need to
> market
> ourselves as somebody clued. You read NANOG for a while, you get a good
> idea
> of who is clued and who isn't. And thus you decide who gets the gig.
>
> > Google is your friend... ;^)
>
> http://www.xckd.com/979/
>
--
Regards,
Shahab Vahabzadeh, Network Engineer and System Administrator
Cell Phone: +1 (415) 871 0742
PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81 C2EE 76A2 46C2 5367 BF90
From sh.vahabzadeh at gmail.com Sun Apr 1 01:59:53 2012
From: sh.vahabzadeh at gmail.com (Shahab Vahabzadeh)
Date: Sun, 1 Apr 2012 11:29:53 +0430
Subject: Outdoor Wireless Access Point
In-Reply-To: <4f7789d3.c70eb60a.1cc5.7ef6@mx.google.com>
References:
<4f7789d3.c70eb60a.1cc5.7ef6@mx.google.com>
Message-ID:
Dear IP Dog,
Thanks for your time too, but I think you are so free and you are only
showing off yourself busy ;)
Because your answer reflects that to us. Here is a mailing list and open
community ;)
So if you do not have a good answer for question please go away ;)
Thanks
On Sun, Apr 1, 2012 at 3:18 AM, Network IP Dog wrote:
> Hi...How do I do it!
>
> I'm utterly amazed how many people give away free consultant work.
>
> We need to keep people working... not giving it away.
>
> Ethics... Security... etc...
>
> Does the university give away free diploma's? I don't think so.
>
> Must be another copy & paste e&^%$#?r too!
>
> Google is your friend... ;^)
>
> Cheers!
>
>
> Ephesians 4:32 & Cheers!!!
>
> A password is like a... toothbrush ;^)
> Choose a good one, change it regularly and don't share it.
>
> -----Original Message-----
> From: Shahab Vahabzadeh [mailto:sh.vahabzadeh at gmail.com]
> Sent: Saturday, March 31, 2012 2:39 AM
> To: nanog at nanog.org
> Subject: Outdoor Wireless Access Point
>
> Hi there,
> I asked for a wireless solution for a university, in which they want indoor
> wireless solution for more than 5 building (at least two floor) and outdoor
> wireless solution for near 160m*280m garden.
> As I look for maps we need at least 3 or 4 outdoor radio, I think in these
> networks the best solution is to have only one SSID in whole network to
> give
> mobility for the network, is this called ad-hoc? or it has an other name?
> I do not know if I could ask question clearly or not, suppose we have 4
> radio but only one SSID is broadcasting and when you are near the radio is
> near to you you will get service from that one, as this solution must be
> implement for indoor ones too.
> And if there is any good company which can both indoor and outdoor solution
> and they have shipping to Iran too or reseller in Iran please give me the
> url.
> Thanks
>
> --
> Regards,
> Shahab Vahabzadeh, Network Engineer and System Administrator
>
> Cell Phone: +1 (415) 871 0742
> PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81 C2EE 76A2 46C2 5367 BF90
>
>
--
Regards,
Shahab Vahabzadeh, Network Engineer and System Administrator
Cell Phone: +1 (415) 871 0742
PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81 C2EE 76A2 46C2 5367 BF90
From Valdis.Kletnieks at vt.edu Sun Apr 1 02:58:31 2012
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Sun, 01 Apr 2012 03:58:31 -0400
Subject: Outdoor Wireless Access Point
In-Reply-To: Your message of "Sun, 01 Apr 2012 11:28:34 +0430."
References:
<4f7789d3.c70eb60a.1cc5.7ef6@mx.google.com>
<74945.1333237748@turing-police.cc.vt.edu>
Message-ID: <111456.1333267111@turing-police.cc.vt.edu>
On Sun, 01 Apr 2012 11:28:34 +0430, Shahab Vahabzadeh said:
> Thanks for your time and your answer, Of course I know how to search in google or internet.
> But the problem is as you told to have a good network and launch the best solution.
Unfortunately, I can't make any real recommendation for your net - although we
have some 1300 access points scattered across 100 buildings (a combination of
Cisco and Aruba gear) with a peak of 10,700 or so simultaneous users, we have
not really addressed the issue of outdoor wireless. For much of campus, it's
not a big problem, as buildings are packed fairly close together, and many of
the good benches, trees, retaining walls, and other places to sit are close
enough to a building that signal leakage from inside allows users to connect anyhow.
But there's a 22 acre field (about twice the size of the garden you are trying
to support) in the middle of campus... literally in the middle, as in "the campus
is built around that field". ;)
From leigh.porter at ukbroadband.com Sun Apr 1 05:37:21 2012
From: leigh.porter at ukbroadband.com (Leigh Porter)
Date: Sun, 1 Apr 2012 10:37:21 +0000
Subject: Outdoor Wireless Access Point
In-Reply-To: <4f7789d3.c70eb60a.1cc5.7ef6@mx.google.com>
References: ,
<4f7789d3.c70eb60a.1cc5.7ef6@mx.google.com>
Message-ID: <1D88FE52-F131-4FAE-9628-79E32D390727@ukbroadband.com>
On 31 Mar 2012, at 23:51, "Network IP Dog" wrote:
Hi...How do I do it!
I'm utterly amazed how many people give away free consultant work.
We need to keep people working... not giving it away.
Ethics... Security... etc...
Does the university give away free diploma's? I don't think so.
Must be another copy & paste e&^%$#?r too!
Google is your friend... ;^)
Cheers!
Ephesians 4:32 & Cheers!!!
For I was hungry and you gave me nothing to eat, I was thirsty and you gave me nothing to drink, 43 I was a stranger and you did not invite me in, I needed clothes and you did not clothe me, I was sick and in prison and you did not look after me.? 44 I needed some help building a wireless network and you wanted consultancy fees.
I think the day we stop helping each other on this list and start demanding consultancy fees will be the day the Internet really did die..
So whilst nobody would document an end to end design for nothing, I think the odd snippet of good advice should always be free.
Of course, y'all should google it first because how else are they going to send you relevant advertisements!
--
Leigh
______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________
From leigh.porter at ukbroadband.com Sun Apr 1 05:45:51 2012
From: leigh.porter at ukbroadband.com (Leigh Porter)
Date: Sun, 1 Apr 2012 10:45:51 +0000
Subject: April fools joke?
Message-ID: <71E3CD78-A057-4519-A561-04D998611AA2@ukbroadband.com>
http://www.bbc.co.uk/news/uk-politics-17576745
It's sad when you just can't tell with things like this..
--
Leigh
From jared at puck.nether.net Sun Apr 1 06:16:15 2012
From: jared at puck.nether.net (Jared Mauch)
Date: Sun, 1 Apr 2012 07:16:15 -0400
Subject: Outdoor Wireless Access Point
In-Reply-To: <111456.1333267111@turing-police.cc.vt.edu>
References:
<4f7789d3.c70eb60a.1cc5.7ef6@mx.google.com>
<74945.1333237748@turing-police.cc.vt.edu>
<111456.1333267111@turing-police.cc.vt.edu>
Message-ID: <17765155-1FEF-488D-929F-14A1D3C1C562@puck.nether.net>
If you use unifi there is an outdoor version. You can mount it outside a building or on a pole.
Jared Mauch
On Apr 1, 2012, at 3:58 AM, Valdis.Kletnieks at vt.edu wrote:
> But there's a 22 acre field (about twice the size of the garden you are trying
> to support) in the middle of campus... literally in the middle, as in "the campus
> is built around that field". ;)
From rubensk at gmail.com Sun Apr 1 06:56:51 2012
From: rubensk at gmail.com (Rubens Kuhl)
Date: Sun, 1 Apr 2012 08:56:51 -0300
Subject: Attack on the DNS ?
In-Reply-To: <1E6E6FF1-098B-4CAF-81AF-74C2D49A6A9C@gmail.com>
References:
<4F774C51.3000805@gmail.com>
<20120331.222817.74728386.sthaug@nethelp.no>
<1E6E6FF1-098B-4CAF-81AF-74C2D49A6A9C@gmail.com>
Message-ID:
On Sat, Mar 31, 2012 at 10:09 PM, Greg Ihnen wrote:
> I manage a tiny network in the Amazon, a satellite internet connection and decent sized wireless network.
> Is DNS traffic being directed to bogus servers? Are the real servers being overloaded? Am I seeing the results of some kind of DDOS mitigation technique?
If you are using a broadband connection from the Brazilian incumbent
operator (Oi), you might indeed be redirected to bogus servers.
They are very fond of "monetizing" techniques with their user base,
using either DNS or all the traffic for that matter (Phorm).
Rubens
From lists at mtin.net Sun Apr 1 09:30:05 2012
From: lists at mtin.net (Justin Wilson)
Date: Sun, 01 Apr 2012 10:30:05 -0400
Subject: April fools joke?
In-Reply-To: <71E3CD78-A057-4519-A561-04D998611AA2@ukbroadband.com>
Message-ID:
I hate April 1 on the Web. You are right you never can tell. I would be
appalled if someone as respectable as the BBC stoops to downright dumb
pranks.
However, it is England. They have some of the most strict laws in the
"Free" world.
I hate the Interweb on April 1. lol
-----Original Message-----
From: Leigh Porter
Date: Sun, 1 Apr 2012 10:45:51 +0000
To: "nanog at nanog.org"
Subject: April fools joke?
>
>http://www.bbc.co.uk/news/uk-politics-17576745
>
>It's sad when you just can't tell with things like this..
>
>--
>Leigh
>
>
>
From tknchris at gmail.com Sun Apr 1 09:33:22 2012
From: tknchris at gmail.com (chris)
Date: Sun, 1 Apr 2012 10:33:22 -0400
Subject: April fools joke?
In-Reply-To:
References: <71E3CD78-A057-4519-A561-04D998611AA2@ukbroadband.com>
Message-ID:
April 1st or not, the gist of that story is probably already true
whether you know it or not.
On Sun, Apr 1, 2012 at 10:30 AM, Justin Wilson wrote:
> I hate April 1 on the Web. You are right you never can tell. I
> would be
> appalled if someone as respectable as the BBC stoops to downright dumb
> pranks.
>
> However, it is England. They have some of the most strict laws in
> the
> "Free" world.
>
> I hate the Interweb on April 1. lol
>
> -----Original Message-----
> From: Leigh Porter
> Date: Sun, 1 Apr 2012 10:45:51 +0000
> To: "nanog at nanog.org"
> Subject: April fools joke?
>
> >
> >http://www.bbc.co.uk/news/uk-politics-17576745
> >
> >It's sad when you just can't tell with things like this..
> >
> >--
> >Leigh
> >
> >
> >
>
>
>
>
From alec.muffett at gmail.com Sun Apr 1 09:54:10 2012
From: alec.muffett at gmail.com (Alec Muffett)
Date: Sun, 1 Apr 2012 15:54:10 +0100
Subject: CCDP (Was: April fools joke?)
In-Reply-To:
References:
Message-ID: <329ED0F4-4516-4FD5-8046-5D5D7E3C0304@gmail.com>
On 1 Apr 2012, at 15:30, Justin Wilson wrote:
> I hate April 1 on the Web. You are right you never can tell. I would be
> appalled if someone as respectable as the BBC stoops to downright dumb
> pranks.
It is true.
It's called the Communications Capabilities Development Programme (CCDP) and is comprehensively discussed at the OpenRightsGroup* wiki:
http://wiki.openrightsgroup.org/wiki/Communications_Capabilities_Development_Programme
...and somewhat less comprehensively at:
http://en.wikipedia.org/wiki/Communications_Capabilities_Development_Programme
See also ZDNet from February, in case you think it's still an April 1st joke:
http://www.zdnet.co.uk/news/security-threats/2012/02/20/isps-kept-in-dark-about-uks-plans-to-intercept-twitter-40095083/
- alec
--
* disclosure: I help out with ORG in an unpaid capacity
From chcheng at ieee.org Sun Apr 1 10:23:31 2012
From: chcheng at ieee.org (Che-Hoo CHENG)
Date: Sun, 1 Apr 2012 23:23:31 +0800
Subject: Was b.root-servers.net under attack on Mar 31?
Message-ID:
http://dnsmon.ripe.net/dns-servmon/server/plot?server=b.root-servers.net;type=drops;tstart=1333166400;tstop=1333252799;af=ipv4
There were quite a few unanswered queries from around 06:15 to around 09:15 UTC on Mar 31.
Che-Hoo
From sil at infiltrated.net Sun Apr 1 10:04:42 2012
From: sil at infiltrated.net (J. Oquendo)
Date: Sun, 1 Apr 2012 10:04:42 -0500
Subject: STEP Security (RFC4012012)
Message-ID: <20120401150442.GB14436@infiltrated.net>
Interweb Re-Engineering Task Force J. Oquendo
Request for Comments 4012012 E-Fensive Security Strategies
Category: Informational
Expires: 2020
STEP by STEP Security
Status of this Memo
This Internet-Draft is submitted in full nonconformance with
provisions of BCP 78 and BCP 79. This document may not be modified,
and derivative works of it may not be created, except to publish it
as an RFC and to translate it into languages other than English.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as
reference material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
This Internet-Draft will expire on April 01, 2020.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Oquendo Expires Apr 01, 2020 [Page 1]
Internet-Draft Security Step by STEP RFC 4012012
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Abstract
This framework describes a practical methodology for ensuring
security in otherwise insecure environments. The goal is to provide
a rapid response mechanism to defend against the advanced persistent
threats in the wild.
Table of Contents
1. Introduction..................................................2
2. Conventions used in this document.............................4
3. Threats Explained.............................................4
3.1. Possible Actors..........................................4
4. STEP Explained................................................5
5. STEP in Action................................................6
6. Security Considerations.......................................7
7. IANA Considerations...........................................7
8. Conclusions...................................................8
8.1. Informative References...................................8
9. Acknowledgments...............................................8
Appendix A. Copyright............................................9
1. Introduction
In the network and computing industry, malicious actions,
applications and actors have become more pervasive. Response times
to anomalous events are burdening today's infrastructures and often
strain resources. As networks under attack are often saturated with
malicious traffic and advanced persistent threat actors engage in
downloading terabytes of data, resources to combat these threats
have diminished.
Additionally, the threats are no longer just anonymized actors
engaging in juvenile behavior, there are many instances of State
Actors, disgruntled employees, contractors, third party vendors and
criminal organizations. Each with separate agendas, each
consistently targeting devices on the Internet.
The intent behind this document is to define a methodology for rapid
response to these threats. In this document, security will be
achieved using a new methodology and protocol henceforth named
Scissor To Ethernet Protocol (STEP).
Initially designed as a last approach for security, STEP ensures
that no attacker can disaffect any of the Confidentiality,
Integrity, Availability of data as a whole.
Many variables are involved in security, but the STEP methodology
focuses on the following:
o FUD (Fear Uncertainty and Doubt)
o SCAM (Security Compliance and Management)
o APT (Another Possible Threat)
This methodology proposes STEP that SHOULD be performed at the onset
of a cyber attack before more terabytes of data are exfiltrated from
a network.
1. Industry Standard IP connection
+-----------+ +-----------+ +-----------+
| | IP | | INGRESS | |
| Rogue |-------> | Internet | ------> | Target |
| A | | | | B |
| | | | EGRESS | |
+-----------+ +-----------+ | Target (secured from the threat)
X
O O
(Closed)
5. STEP in Action
The following illustrates a remote APT attack against a webserver
located in the demilitarized zone of an infrastructure. In the
example, an APT attacker is launching a SQLI, XSS and CSRF against a
target over the Internet.
The attacks are common and according to statistics, are the same
attacks used to leverage access against major Fortune 500 companies
in the past decade.
+-------+ +-----+ +-----+ +--------+
| | SQLi | | + + INGRESS | |
| APT | -------> | ISP | ---> + ISP + ------> | Target |
| | XSS/CSRF | A | + B + | www |
| | | | + + | |
+-------+ +-----+ +-----+ +--------+
o Figure 5.1 Attacker launching attacks
+-------+ +-----+ +-----+ +--------+
| | TCP | | + + Reverse | |
| APT | | ISP | ---> + ISP + -->| | Target |
| | XSS/CSRF | A | + B + x | www |
| | | | + + o o | |
+-------+ +-----+ +-----+ +--------+
o Figure 5.2 Ingress STEP
+-------+ +-----+ +-----+ +--------+
| | Attack | | | + + | |
| APT | ------> | ISP | ->| + ISP + | Target |
| | | A | x + B + | www |
| | | | o o + + | |
+-------+ +-----+ +-----+ +--------+
o Figure 5.4 Provider based STEP
Both instances of STEP successfully demonstrate the power of the
STEP protocol. In no case, can an attacker successfully launch any
attack against a target as the security posture has now been
hardened.
6. Security Considerations
Cutting any Ethernet cable could potentially lead to shock and
degradation of IP services on your network. Please ensure there are
additional Ethernet cables for redundancy. Otherwise there is
nothing to consider.
7. IANA Considerations
There are no alternative considerations. STEP is the ultimate in
security.
8. Conclusions
Step defends against APT while minimizing your exposure to SCAMs and
FUD.
8.1. Informative References
[1] http://www.amazon.com/b?ie=UTF8&node=689392011
[2] http://ha.ckers.org/xss.html
[3] http://en.wikipedia.org/wiki/Advanced_persistent_threat
[4] http://en.wikipedia.org/wiki/Fear,_uncertainty_and_doubt
9. Acknowledgments
Sofia Vergara
Kenji, Saki and Coco
Appendix A. Copyright
Copyright (c) 2012 IETF Trust and the persons identified as authors
of the code. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
o Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
o Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the
distribution.
o Neither the name of Internet Society, IETF or IETF Trust, nor the
names of specific contributors, may be used to endorse or promote
products derived from this software without specific prior
written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
Author's Addresses
Jesus Oquendo
E-Fensive Security Strategies
From bpasdar at batblue.com Sun Apr 1 10:38:05 2012
From: bpasdar at batblue.com (Babak Pasdar)
Date: Sun, 01 Apr 2012 11:38:05 -0400
Subject: Outdoor Wireless Access Point
Message-ID: <20120401153805.eb072199@concur.batblue.com>
Shahab,
We did a large scale outdoor rollout for the X-Games (both summer and winter) where we used our outdoor APs to light up the side of Buttermilk mountain in Aspen for the winter X Games as well as the LA Coliseum, Staples Center, Nokia Theater and Part of downtown LA for the summer X Games.
Here is a link to a story we did on this project: Bat Blue Delivers Wifi Services for ESPN X-Games. You can see one of our outdoor APs in the background as Avril Lavigne hands Shaun White his medal.
We would be happy to work with you on your project if you think we can help.
Best Regards,
Babak
--
Babak Pasdar
President & CEO | Certified Ethical Hacker
Bat Blue Networks
(p) 212.461.3322 x3005 | (f) 212.584.9999 | www.BatBlue.com
Bat Blue: AS 25885 | BGP Policy | Peering Policy
Watch: Cloud Security Video | Cloud Network Video
Read: Official Provider for ESPN X Games
From maxsec at gmail.com Sun Apr 1 11:02:20 2012
From: maxsec at gmail.com (Martin Hepworth)
Date: Sun, 1 Apr 2012 17:02:20 +0100
Subject: April fools joke?
In-Reply-To:
References: <71E3CD78-A057-4519-A561-04D998611AA2@ukbroadband.com>
Message-ID:
On Sunday, 1 April 2012, chris wrote:
> April 1st or not its the gist of that story is probably already true
> whether you know it or not.
>
> On Sun, Apr 1, 2012 at 10:30 AM, Justin Wilson wrote:
>
> > I hate April 1 on the Web. You are right you never can tell. I
> > would be
> > appalled if someone as respectable as the BBC stoops to downright dumb
> > pranks.
> >
> > However, it is England. They have some of the most strict laws in
> > the
> > "Free" world.
> >
> > I hate the Interweb on April 1. lol
> >
> > -----Original Message-----
> > From: Leigh Porter
> > Date: Sun, 1 Apr 2012 10:45:51 +0000
> > To: "nanog at nanog.org"
> > Subject: April fools joke?
> >
> > >
> > >http://www.bbc.co.uk/news/uk-politics-17576745
> > >
> > >It's sad when you just can't tell with things like this..
> > >
> > >--
> > >Leigh
> >
>
Revisit of the stuff that was thrown out about 3 years when raised by
Labour government and berated by the present government when they were in opposition
Home Office and others want it but most businesses don't and the civil
liberties guys are quite against it - requirement on any online or comms
provider to keep logs for ages!
Martin
--
--
Martin Hepworth
Oxford, UK
From shortdudey123 at gmail.com Sun Apr 1 11:42:25 2012
From: shortdudey123 at gmail.com (Grant Ridder)
Date: Sun, 1 Apr 2012 11:42:25 -0500
Subject: STEP Security (RFC4012012)
In-Reply-To: <20120401150442.GB14436@infiltrated.net>
References: <20120401150442.GB14436@infiltrated.net>
Message-ID:
April 1 2012 RFC's
Service Undiscovery Using Hide-and-Go-Seek for the Domain Pseudonym System
(DPS)
http://www.rfc-editor.org/rfc/rfc6593.txt
The Null Packet
http://www.rfc-editor.org/rfc/rfc6592.txt
-Grant
On Sun, Apr 1, 2012 at 10:04 AM, J. Oquendo wrote:
> Interweb Re-Engineering Task Force J. Oquendo
> Request for Comments 4012012 E-Fensive Security Strategies
> Category: Informational
> Expires: 2020
>
>
> STEP by STEP Security
>
>
> Status of this Memo
>
> This Internet-Draft is submitted in full nonconformance with
> provisions of BCP 78 and BCP 79. This document may not be modified,
> and derivative works of it may not be created, except to publish it
> as an RFC and to translate it into languages other than English.
> Internet-Drafts are working documents of the Internet Engineering
> Task Force (IETF), its areas, and its working groups. Note that
> other groups may also distribute working documents as Internet-
> Drafts.
>
> Internet-Drafts are draft documents valid for a maximum of six
> months and may be updated, replaced, or obsoleted by other documents
> at any time. It is inappropriate to use Internet-Drafts as
> reference material or to cite them other than as "work in progress."
>
> The list of current Internet-Drafts can be accessed at
> http://www.ietf.org/ietf/1id-abstracts.txt
>
> The list of Internet-Draft Shadow Directories can be accessed at
> http://www.ietf.org/shadow.html
>
> This Internet-Draft will expire on April 01, 2020.
>
> Copyright Notice
>
> Copyright (c) 2012 IETF Trust and the persons identified as the
> document authors. All rights reserved.
>
> This document is subject to BCP 78 and the IETF Trust's Legal
> Provisions Relating to IETF Documents
> (http://trustee.ietf.org/license-info) in effect on the date of
> publication of this document. Please review these documents
> carefully, as they describe your rights and restrictions with
> respect to this document. Code Components extracted from this
> document must include Simplified BSD License text as described in
>
>
>
>
> Oquendo Expires Apr 01, 2020 [Page 1]
>
>
> Internet-Draft Security Step by STEP RFC 4012012
>
>
> Section 4.e of the Trust Legal Provisions and are provided without
> warranty as described in the Simplified BSD License.
>
> Abstract
>
> This framework describes a practical methodology for ensuring
> security in otherwise insecure environments. The goal is to provide
> a rapid response mechanism to defend against the advanced persistent
> threats in the wild.
>
> Table of Contents
>
>
> 1. Introduction..................................................2
> 2. Conventions used in this document.............................4
> 3. Threats Explained.............................................4
> 3.1. Possible Actors..........................................4
> 4. STEP Explained................................................5
> 5. STEP in Action................................................6
> 6. Security Considerations.......................................7
> 7. IANA Considerations...........................................7
> 8. Conclusions...................................................8
> 8.1. Informative References...................................8
> 9. Acknowledgments...............................................8
> Appendix A. Copyright............................................9
>
>
> 1. Introduction
> In the network and computing industry, malicious actions,
> applications and actors have become more pervasive. Response times
> to anomalous events are burdening today's infrastructures and often
> strain resources. As networks under attack are often saturated with
> malicious traffic and advanced persistent threat actors engage in
> downloading terabytes of data, resources to combat these threats
> have diminished.
>
> Additionally, the threats are no longer just anonymized actors
> engaging in juvenile behavior, there are many instances of State
> Actors, disgruntled employees, contractors, third party vendors and
> criminal organizations. Each with separate agendas, each
> consistently targeting devices on the Internet.
>
>
>
>
>
>
> The intent behind this document is to define a methodology for rapid
> response to these threats. In this document, security will be
> achieved using a new methodology and protocol henceforth named
> Scissor To Ethernet Protocol (STEP).
>
>
>
> Initially designed as a last approach for security, STEP ensures
> that no attacker can disaffect any of the Confidentiality,
> Integrity, Availability of data as a whole.
>
>
>
> Many variables are involved in security, but the STEP methodology
> focuses on the following:
>
>
> o FUD (Fear Uncertainty and Doubt)
> o SCAM (Security Compliance and Management)
> o APT (Another Possible Threat)
>
>
>
> This methodology proposes STEP that SHOULD be performed at the onset
> of a cyber attack before more terabytes of data are exfiltrated from
> a network.
>
> 1. Industry Standard IP connection
>
>
> +-----------+ +-----------+ +-----------+
> | | IP | | INGRESS | |
> | Rogue |-------> | Internet | ------> | Target |
> | A | | | | B |
> | | | | EGRESS | |
> +-----------+ +-----------+
> Figure 1 Example session between a rogue attacker and target
> Figure 1 illustrates the connection via the Internet from a rogue
> attacker, towards a target. Irrespective of the attack used, IP
> will ALWAYS be used as the attack vector.
>
>
>
>
>
>
> 2. Conventions used in this document
>
>
> The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
> "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
> document are to be interpreted as described in RFC-2119 [RFC2119].
>
> In this document, these words will appear with that interpretation
> only when in ALL CAPS. Lower case uses of these words are not to be
> interpreted as carrying RFC-2119 significance.
>
>
> 3. Threats Explained
>
> A security threat is a theoretical happening that may not occur but
> should be considered as part of a proper security architecture and
> design. For example, the threat always exists that your systems
> will become the target of a denial of service attack. A threat may
> or may not have a method to mitigate the possibility of attack.
>
> Vendors across the security spectrum offer FUD based solutions often
> promoting SCAM based systems to mitigate against APT. While some of
> the available solutions may minimize the potential for catastrophic
> transfers of terabytes of data, these solutions SHOULD NOT be used
> as an all-inclusive solution for security. Engineers MUST NOT rely
> on FUD, or SCAMs against the APT.
>
> 3.1. Possible Actors
>
> Both malicious attacks and unintended (non-malicious) attacks can
> occur from anywhere in the world including local attacks inside of
> the infrastructure. In the barest threat explanation above, the
> threat that someone can commit a typographical error, causing a
> disruption in service, is as severe as a Distributed Denial of
> Service attack from the public Internet. Actors can never be easily
> identified unless one is watching the Academy Awards on television.
>
>
>
>
>
> 4. STEP Explained
>
> o S - Scissors
>
> Scissors as defined by Wikipedia are "hand-operated cutting
> instruments. They consist of a pair of metal blades pivoted so that
> the sharpened edges slide against each other when the handles (bows)
> opposite to the pivot are closed. Scissors are used for cutting
> various thin materials, such as paper, cardboard, metal foil, thin
> plastic, cloth, rope, and wire. Scissors can also be used to cut
> hair and food. Scissors and shears are functionally equivalent, but
> larger implements tend to be called shears. Scissors is a critical
> component for STEP security and MUST be readily available 99.99999%
> with redundant scissors within arm's reach.
>
>
> | |
> X X
> / \ O O
>
> (Opened) (Closed)
>
>
> o T - To
>
> To: [preposition] (Used for expressing direction or motion or
> direction toward something) in the direction of; toward: from north
> to south.
>
> o E - Ethernet
>
> Ethernet via Wikipedia is described as a family of computer
> networking technologies for local area networks (LANs) commercially
> introduced in 1980. Standardized in IEEE 802.3, Ethernet has
> largely replaced competing wired LAN technologies. For clarity in
> our protocol, Ethernet is defined as the cabling between a device
> and a network component such as a router or a switch.
>
>
>
> o P - Protocol
>
> A communications protocol is a system of digital message formats and
> rules for exchanging those messages in or between computing systems
> and in telecommunications. A protocol may have a formal
> description.
>
>
>
> Protocols may include signaling, authentication and error detection
> and correction capabilities.
>
> A protocol definition defines the syntax, semantics, and
> synchronization of communication; the specified behavior is
> typically independent of how it is to be implemented. A protocol
> can therefore be implemented as hardware or software or both.
>
> In STEP, Protocol is a rule an engineer MUST follow in order to
> complete STEP. S MUST be in a closed state.
>
>
>
> Actor -----> | Target (secured from the threat)
> X
> O O
>
> (Closed)
>
>
> 5. STEP in Action
> The following illustrates a remote APT attack against a webserver
> located in the demilitarized zone of an infrastructure. In the
> example, an APT attacker is launching a SQLI, XSS and CSRF against a
> target over the Internet.
>
> The attacks are common and according to statistics, are the same
> attacks used to leverage access against major Fortune 500 companies
> in the past decade.
>
> +-------+ +-----+ +-----+ +--------+
> | | SQLi | | + + INGRESS | |
> | APT | -------> | ISP | ---> + ISP + ------> | Target |
> | | XSS/CSRF | A | + B + | www |
> | | | | + + | |
> +-------+ +-----+ +-----+ +--------+
>
> o Figure 5.1 Attacker launching attacks
> +-------+ +-----+ +-----+ +--------+
> | | TCP | | + + Reverse | |
> | APT | | | | A | + B + Shell | www |
> | | | | + + | |
> +-------+ +-----+ +-----+ +--------+
>
> o Figure 5.2 Attacker executing a reverse shell
>
>
>
> In the illustration, an attacker is almost certainly attempting to
> obtain a reverse shell. This enables an attacker to access a device
> as if one were physically present at the device itself.
> Using STEP we can mitigate and deny this attack from various points:
>
>
> +-------+ +-----+ +-----+ +--------+
> | | SQLi | | + + | | |
> | APT | -------> | ISP | ---> + ISP + -->| | Target |
> | | XSS/CSRF | A | + B + x | www |
> | | | | + + o o | |
> +-------+ +-----+ +-----+ +--------+
>
> o Figure 5.2 Ingress STEP
>
> +-------+ +-----+ +-----+ +--------+
> | | Attack | | | + + | |
> | APT | ------> | ISP | ->| + ISP + | Target |
> | | | A | x + B + | www |
> | | | | o o + + | |
> +-------+ +-----+ +-----+ +--------+
>
> o Figure 5.4 Provider based STEP
>
>
> Both instances of STEP successfully demonstrate the power of the
> STEP protocol. In no case, can an attacker successfully launch any
> attack against a target as the security posture has now been
> hardened.
>
> 6. Security Considerations
>
> Cutting any Ethernet cable could potentially lead to shock and
> degradation of IP services on your network. Please ensure there are
> additional Ethernet cables for redundancy. Otherwise there is
> nothing to consider.
>
>
> 7. IANA Considerations
>
> There are no alternative considerations. STEP is the ultimate in
> security.
>
>
>
> 8. Conclusions
>
> Step defends against APT while minimizing your exposure to SCAMs and
> FUD.
>
> 8.1. Informative References
>
> [1] http://www.amazon.com/b?ie=UTF8&node=689392011
> [2] http://ha.ckers.org/xss.html
> [3] http://en.wikipedia.org/wiki/Advanced_persistent_threat
> [4] http://en.wikipedia.org/wiki/Fear,_uncertainty_and_doubt
>
>
> 9. Acknowledgments
> Sofia Vergara
> Kenji, Saki and Coco
>
>
>
>
>
> Appendix A. Copyright
>
>
>
> Copyright (c) 2012 IETF Trust and the persons identified as authors
> of the code. All rights reserved.
>
> Redistribution and use in source and binary forms, with or without
> modification, are permitted provided that the following conditions
> are met:
>
> o Redistributions of source code must retain the above copyright
> notice, this list of conditions and the following disclaimer.
>
> o Redistributions in binary form must reproduce the above copyright
> notice, this list of conditions and the following disclaimer in
> the documentation and/or other materials provided with the
> distribution.
> o Neither the name of Internet Society, IETF or IETF Trust, nor the
> names of specific contributors, may be used to endorse or promote
> products derived from this software without specific prior
> written permission.
>
> THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
> "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
> FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
> COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
> INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
> BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
> LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
> CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
> LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
> ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
> POSSIBILITY OF SUCH DAMAGE.
>
>
> Author's Addresses
>
> Jesus Oquendo
> E-Fensive Security Strategies
>
>
>
From gbonser at seven.com Sun Apr 1 16:24:27 2012
From: gbonser at seven.com (George Bonser)
Date: Sun, 1 Apr 2012 21:24:27 +0000
Subject: April fools joke?
In-Reply-To: <71E3CD78-A057-4519-A561-04D998611AA2@ukbroadband.com>
References: <71E3CD78-A057-4519-A561-04D998611AA2@ukbroadband.com>
Message-ID: <596B74B410EE6B4CA8A30C3AF1A155EA09D85482@RWC-MBX1.corp.seven.com>
> From: Leigh Porter
> Sent: Sunday, April 01, 2012 3:46 AM
> To: nanog at nanog.org
> Subject: April fools joke?
>
>
> http://www.bbc.co.uk/news/uk-politics-17576745
>
> It's sad when you just can't tell with things like this..
>
> --
> Leigh
I was hoping for something good, like maybe an extension of RFC 1149 implementing ECN (aka SQUAWK) in avian carriers. I'm disappointed.
From mohta at necom830.hpcl.titech.ac.jp Sun Apr 1 16:44:20 2012
From: mohta at necom830.hpcl.titech.ac.jp (Masataka Ohta)
Date: Mon, 02 Apr 2012 06:44:20 +0900
Subject: Outdoor Wireless Access Point
In-Reply-To:
References:
Message-ID: <4F78CC34.7020603@necom830.hpcl.titech.ac.jp>
Shahab Vahabzadeh wrote:
> As I look for maps we need at least 3 or 4 outdoor radio, I think in these
> networks the best solution is to have only one SSID in whole network to
> give mobility for the network, is this called ad-hoc? or it has an other
> name?
It is usually called nomad, because it is not really
mobility.
With 802.11, you can connect to an AP and, if the AP
fails, you may be connected to another AP, but the
transition takes considerable amount of time not
tolerable for voice communication, which is why it
is not called mobility.
If you want mobility, have different SSIDs for APs in
the same frequency band (or, let terminals have multiple
sets of radio interfaces) and let terminals connect
to multiple APs simultaneously.
Then, run mobile IP to *RAPIDLY* control the primary
AP depending on signal quality of beacons from APs.
Though you only have to modify software on terminals,
AFAIK, there is no such commercial products.
> And if there is any good company which can both indoor
> and outdoor solution
With your environment, you only need indoor equipments with
external antennas located outdoors.
Masataka Ohta
From shadowedstrangerlists at gmail.com Sun Apr 1 17:17:58 2012
From: shadowedstrangerlists at gmail.com (Jacob Broussard)
Date: Sun, 1 Apr 2012 15:17:58 -0700
Subject: Outdoor Wireless Access Point
In-Reply-To: <4f7789d3.c70eb60a.1cc5.7ef6@mx.google.com>
References:
<4f7789d3.c70eb60a.1cc5.7ef6@mx.google.com>
Message-ID:
I won't touch why we share info, others have already beat that horse dead,
but I will say that this list is fairly hostile to people wanting to use
them as 'free consultants'. Just look back through the archives for people
that post with a message similar to: 'I want to start an isp can someone
give me a step by step guide'. They aren't usually received nearly as well
as someone who asks 'does anyone have any solutions to this specific
problem I'm facing?'
On Mar 31, 2012 3:49 PM, "Network IP Dog" wrote:
> Hi...How do I do it!
>
> I'm utterly amazed how many people give away free consultant work.
>
> We need to keep people working... not giving it away.
>
> Ethics... Security... etc...
>
> Does the university give away free diploma's? I don't think so.
>
> Must be another copy & paste e&^%$#?r too!
>
> Google is your friend... ;^)
>
> Cheers!
>
>
> Ephesians 4:32 & Cheers!!!
>
> A password is like a... toothbrush ;^)
> Choose a good one, change it regularly and don't share it.
>
> -----Original Message-----
> From: Shahab Vahabzadeh [mailto:sh.vahabzadeh at gmail.com]
> Sent: Saturday, March 31, 2012 2:39 AM
> To: nanog at nanog.org
> Subject: Outdoor Wireless Access Point
>
> Hi there,
> I asked for a wireless solution for a university, in which they want indoor
> wireless solution for more than 5 building (at least two floor) and outdoor
> wireless solution for near 160m*280m garden.
> As I look for maps we need at least 3 or 4 outdoor radio, I think in these
> networks the best solution is to have only one SSID in whole network to
> give
> mobility for the network, is this called ad-hoc? or it has an other name?
> I do not know if I could ask question clearly or not, suppose we have 4
> radio but only one SSID is broadcasting and when you are near the radio is
> near to you you will get service from that one, as this solution must be
> implement for indoor ones too.
> And if there is any good company which can both indoor and outdoor solution
> and they have shipping to Iran too or reseller in Iran please give me the
> url.
> Thanks
>
> --
> Regards,
> Shahab Vahabzadeh, Network Engineer and System Administrator
>
> Cell Phone: +1 (415) 871 0742
> PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81 C2EE 76A2 46C2 5367 BF90
>
>
>
From shadowedstrangerlists at gmail.com Sun Apr 1 17:20:01 2012
From: shadowedstrangerlists at gmail.com (Jacob Broussard)
Date: Sun, 1 Apr 2012 15:20:01 -0700
Subject: Outdoor Wireless Access Point
In-Reply-To: <20120401041149.E2C43800037@ip-64-139-1-69.sjc.megapath.net>
References: <20120401041149.E2C43800037@ip-64-139-1-69.sjc.megapath.net>
Message-ID:
Don't forget Stanford's coursera!
Another up and coming one that looks like it is very quality is Udacity.
On Mar 31, 2012 9:12 PM, "Hal Murray" wrote:
>
> > Hi...How do I do it!
> > I'm utterly amazed how many people give away free consultant work.
> > We need to keep people working... not giving it away.
> > Ethics... Security... etc...
> > Does the university give away free diploma's? I don't think so.
>
> I don't expect a free diploma, but many universities are offering free
> internet videos of various classes.
>
> If you want a sample, here are a few good starting points:
> http://ocw.mit.edu/
> http://oyc.yale.edu/
> http://webcast.berkeley.edu/
>
>
> --
> These are my opinions, not necessarily my employer's. I hate spam.
>
>
>
>
>
From jmaslak at antelope.net Sun Apr 1 18:09:12 2012
From: jmaslak at antelope.net (Joel Maslak)
Date: Sun, 1 Apr 2012 17:09:12 -0600
Subject: Outdoor Wireless Access Point
In-Reply-To: <4F78CC34.7020603@necom830.hpcl.titech.ac.jp>
References:
<4F78CC34.7020603@necom830.hpcl.titech.ac.jp>
Message-ID: <574FC49A-619D-4CC3-B7C8-5193EAE1C412@antelope.net>
On Apr 1, 2012, at 3:44 PM, Masataka Ohta wrote:
> With 802.11, you can connect to an AP and, if the AP
> fails, you may be connected to another AP, but the
> transition takes considerable amount of time not
> tolerable for voice communication, which is why it
> is not called mobility.
True under basic 802.11, at least with WPA2 + EAP, for some clients. Not all clients wait until they lose connectivity to start looking for another AP - it depends on how the client was built. However, even without needing to lose connectivity to learn what other APs are nearby, there still is a substantial association delay with EAP.
That's why 802.11r + 802.11k exist. I'm sure the big name vendors support this and also support their proprietary alternatives that may or may not be better.
> If you want mobility, have different SSIDs for APs in
> the same frequency band (or, let terminals have multiple
> sets of radio interfaces) and let terminals connect
> to multiple APs simultaneously.
That's one way of doing it, provided you have a way to manage all the end devices when you add new APs. It has the disadvantage of not being a COTS solution AFAIK.
Another way to do it is Meru's "one frequency, one MAC" approach.
As for locating other access points, even without 802.11k, most solutions I have seen go into power save mode for long enough to do a quick scan every once in a while, taking into account the size of the phone's jitter buffer. That causes the AP to hold packets until the scan finishes. So one channel is not required for fast roaming.
I've seen solutions cope without 802.11r + 802.11k by using a WEP-only SSID on each AP (typically the same SSID for all APs) and throwing that into a VOIP-only VLAN. But with smartphones capable of running VoIP clients, I'd be less inclined to do it that way even if I thought WEP was secure-enough for voice calls.
The other solution that I've seen some things support is to use WDS on the VoIP device. I'm also not a fan of that personally, but others may be. WDS would require one frequency throughout the network however.
> Though you only have to modify software on terminals,
> AFAIK, there is no such commercial products.
There are plenty of commercial products that support VoIP handoff without issues. Some are proprietary, some are open standards. Many support multi-channel networks. It starts to get expensive to do this though, as most (all?) of the cheap vendors don't do what is required on the AP side. That said, I'd love to hear I'm wrong on this - I'm looking for new APs for home.
So, if I was buying an enterprise 802.11 solution and needed to support seamless VoIP roaming, I'd look at either a one-vendor solution (I'm sure Cisco phones + Cisco APs + Cisco Controller + Cisco PBX would do this just fine, for instance; you can substitute a few other big vendors for Cisco, no doubt, although not likely cheap ones; you'll be spending 10x or more per AP in many cases than if you could have used the cheap ones) or someone that complies with 802.11r + 802.11k (both for handsets and APs). Obviously your network better support DSCP and/or VLAN priority marking and WMM as well.
Supporting VoIP handoff is much more complex (and, at least from what I've seen, expensive) than supporting web browsing handoff. It's also what separates different pricing tiers of wireless equipment.
From kmedcalf at dessus.com Sun Apr 1 18:18:50 2012
From: kmedcalf at dessus.com (Keith Medcalf)
Date: Sun, 01 Apr 2012 17:18:50 -0600
Subject: April fools joke?
In-Reply-To: <596B74B410EE6B4CA8A30C3AF1A155EA09D85482@RWC-MBX1.corp.seven.com>
Message-ID:
> > http://www.bbc.co.uk/news/uk-politics-17576745
> > It's sad when you just can't tell with things like this..
> I was hoping for something good, like maybe an extension of RFC 1149
> implementing ECN (aka SQUAWK) in avian carriers. I'm disappointed.
ECN doesn't help if the Hunting Season bit is set.
---
() ascii ribbon campaign against html e-mail
/\ www.asciiribbon.org
From mohta at necom830.hpcl.titech.ac.jp Sun Apr 1 19:35:48 2012
From: mohta at necom830.hpcl.titech.ac.jp (Masataka Ohta)
Date: Mon, 02 Apr 2012 09:35:48 +0900
Subject: Outdoor Wireless Access Point
In-Reply-To: <574FC49A-619D-4CC3-B7C8-5193EAE1C412@antelope.net>
References:
<4F78CC34.7020603@necom830.hpcl.titech.ac.jp>
<574FC49A-619D-4CC3-B7C8-5193EAE1C412@antelope.net>
Message-ID: <4F78F464.20301@necom830.hpcl.titech.ac.jp>
Joel Maslak wrote:
>> With 802.11, you can connect to an AP and, if the AP
>> fails, you may be connected to another AP, but the
>> transition takes considerable amount of time not
>> tolerable for voice communication, which is why it
>> is not called mobility.
>
> True under basic 802.11, at least with WPA2 + EAP, for some
> clients. Not all clients wait until they lose connectivity
> to start looking for another AP - it depends on how the client
> was built.
The problem of looking for another APs is that, to scan existence
of other APs with reasonable reliability, clients must listen to
other channels for considerable amount of time (three times
maximum beacon interval, maybe), during which the clients can't
receive packets from the current APs.
That's why most, if not all, clients search new APs only after
they lose connection with the current APs.
> However, even without needing to lose connectivity
> to learn what other APs are nearby, there still is a
> substantial association delay with EAP.
That's not a problem, in this case, when all the servers will
be located in a university campus.
> That's why 802.11r + 802.11k exist.
I'm afraid it is a L2 implementation of broken idea of PANA.
>> If you want mobility, have different SSIDs for APs in
>> the same frequency band (or, let terminals have multiple
>> sets of radio interfaces) and let terminals connect
>> to multiple APs simultaneously.
>
> That's one way of doing it, provided you have a way to manage
> all the end devices when you add new APs. It has the
> disadvantage of not being a COTS solution AFAIK.
It is because the currently recognized commercial demand is to
have smooth migration between 2/3G and WLAN, for which two
RFs one for 2/3G and another for WLAN is enough.
> Another way to do it is Meru's "one frequency, one MAC" approach.
"one frequency, one MAC"? I think it does not eliminate overhead
of channel scanning, or, does it?
> As for locating other access points, even without 802.11k, most
> solutions I have seen go into power save mode for long enough
> to do a quick scan every once in a while, taking into account
> the size of the phone's jitter buffer. That causes the AP
> to hold packets until the scan finishes. So one channel is
> not required for fast roaming.
Then, very short beacon intervals must be assumed.
> But with smartphones capable of running VoIP clients, I'd be
> less inclined to do it that way even if I thought WEP was
> secure-enough for voice calls.
Smart phones make the situation worse.
With applications with high speed communication, 50ms loss of
communication can be significant. At 12Mbps, twenty 1500B
packets are lost in 50ms.
> Supporting VoIP handoff is much more complex (and, at least
> from what I've seen, expensive) than supporting web browsing
> handoff.
Both of them are difficult in their own way that the complete
solution (within WLAN SS, between 2/3G and WLAN, between WLAN
of different service providers etc.) can be found only at L3
layer, IMHO.
Masataka Ohta
From jason at i6ix.com Sun Apr 1 19:37:07 2012
From: jason at i6ix.com (Jason Bertoch)
Date: Sun, 01 Apr 2012 20:37:07 -0400
Subject: uunet ends newsfeed/newsreader in US
In-Reply-To: <20120330215549.68551.qmail@joyce.lan>
References: <20120330215549.68551.qmail@joyce.lan>
Message-ID: <4F78F4B3.4030304@i6ix.com>
On 3/30/2012 5:55 PM, John Levine wrote:
>>> I thought it should have died when pr0n and
>>> w4rez took it over (in the late 90's)..
> Many of the tech groups remain quite healthy. I still moderate
> comp.compilers which gets about 100 posts/month.
>
> Actually, it's fine with us that the ignorant masses think that usenet
> is dead, since it tends to keep out the riffraff.
>
> R's,
> John
>
+1
From bonomi at mail.r-bonomi.com Sun Apr 1 23:56:46 2012
From: bonomi at mail.r-bonomi.com (Robert Bonomi)
Date: Sun, 1 Apr 2012 23:56:46 -0500 (CDT)
Subject: April fools joke?
In-Reply-To:
Message-ID: <201204020456.q324ukHf003730@mail.r-bonomi.com>
"Keith Medcalf" wrote:
{prior attributions lost}
> > > http://www.bbc.co.uk/news/uk-politics-17576745
>
> > > It's sad when you just can't tell with things like this..
>
> > I was hoping for something good, like maybe an extension of RFC 1149
> > implementing ECN (aka SQUAWK) in avian carriers. I'm disappointed.
>
> ECN doesn't help if the Hunting Season bit is set.
That's a situation where you *want* Bugs in the project.
"Wabbit Season!"
From bortzmeyer at nic.fr Mon Apr 2 02:01:05 2012
From: bortzmeyer at nic.fr (Stephane Bortzmeyer)
Date: Mon, 2 Apr 2012 09:01:05 +0200
Subject: Was b.root-servers.net under attack on Mar 31?
In-Reply-To:
References:
Message-ID: <20120402070105.GA29466@nic.fr>
On Sun, Apr 01, 2012 at 11:23:31PM +0800,
Che-Hoo CHENG wrote
a message of 9 lines which said:
> http://dnsmon.ripe.net/dns-servmon/server/plot?server=b.root-servers.net;type=drops;tstart=1333166400;tstop=1333252799;af=ipv4
>
> There were quite a few unanswered queries from around 06:15 to around 09:15 UTC on Mar 31.
B is often the weakest link of the 13. I have no idea whether it was
attacked or not but perturbations are common. Most of the time, no one
watches dnsmon so they go unnoticed but, on March 31st, every small
glitch was spotted...
From saku at ytti.fi Mon Apr 2 03:44:45 2012
From: saku at ytti.fi (Saku Ytti)
Date: Mon, 2 Apr 2012 11:44:45 +0300
Subject: Handling of L2 broadcast, L3 unicast frames
Message-ID: <20120402084445.GA2667@pob.ytti.fi>
If you try
% sudo ip route add 194.100.7.227/32 dev eth0
% sudo arp -i eth0 -s 194.100.7.227 ff:ff:ff:ff:ff:ff
% ping 194.100.7.227
Chances are that you get ping replies (Cisco VXR, Cisco ISR, Juniper SRX,
Juniper M10i, Juniper M7i, Linksys e4200)
But you also might not be getting replies (Catalyst 7600, 3560, EX4200)
RFC[0] says in rather unambiguous way, that this should not be working. I
don't think catalyst/EX guys were lot smarter and honoured the RFC. Rather
I think it's hardware limitation they work like this. At least 7600 (as per
ELAM capture) acts like switch and tries to normally broadcast the frame in
the VLAN, but as it is L3 interface, there is only one port in the VLAN, so
net effect is, frame is dropped.
Now I'm facing loop, which is caused by ill-configured network, by any
networker definition of ill-configured. However, if our router would behave
like RFC says, then the ill-configured network would not cause loops.
This puts me in bit of a pickle, I can't call cisco and juniper and tell
them to fix all their routers and give me fixed release tomorrow, since
this behaviour seems very standard/de-facto behaviour. Customer refuses to
do any of the fixes in the ill-configured network, as problem only started
after swapping catalyst to ISR, so customer understandably does not grasp
the fault is not in our end (it's not, fault is caused by mismatching L2/L3
topologies with directed-broadcast in customer router)
Anyone else ever had problems due to router vendors not implementing
rfc1812 5.3.4?
[0] http://tools.ietf.org/html/rfc1812#section-5.3.4
--
++ytti
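
The receive-side rule of RFC 1812 section 5.3.4 that the message above refers to, written as a check over constructed frames (an added example, not code from the post or from any router vendor). The function names, verdict labels and the 192.0.2.0/24 documentation prefix are assumptions, and only untagged Ethernet II frames carrying IPv4 are handled.

```python
import ipaddress
import struct

ETH_BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_IPV4 = 0x0800
LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")


def build_frame(dst_mac_hex, dst_ip, src_ip="192.0.2.1"):
    """Constructed test input: Ethernet II header + 20-byte IPv4 header.

    The IP checksum is left at zero because the check never reads it.
    """
    eth = bytes.fromhex(dst_mac_hex) + bytes.fromhex("020000000001")
    eth += struct.pack("!H", ETHERTYPE_IPV4)
    ip = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20, 0, 0, 64, 1, 0,
        ipaddress.IPv4Address(src_ip).packed,
        ipaddress.IPv4Address(dst_ip).packed,
    )
    return eth + ip


def link_layer_kind(dst_mac):
    """Classify the destination MAC the frame arrived with."""
    if dst_mac == ETH_BROADCAST:
        return "broadcast"
    if dst_mac[0] & 0x01:  # I/G bit set: group (multicast) address
        return "multicast"
    return "unicast"


def ip_dest_kind(dst, connected_nets):
    """Classify the IP destination as seen from the receiving interface."""
    if dst.is_multicast:
        return "multicast"
    if dst == LIMITED_BROADCAST:
        return "broadcast"
    for net in connected_nets:
        # /31 and /32 prefixes have no broadcast address
        if net.prefixlen < 31 and dst == net.broadcast_address:
            return "broadcast"
    return "unicast"


def rfc1812_5_3_4(frame, connected_nets):
    """Return the section 5.3.4 verdict for one received frame.

    "normal"       link-layer unicast, 5.3.4 adds no restriction
    "multicast-ok" IP multicast destination, may be forwarded as multicast
    "no-forward"   received as link-layer broadcast/multicast, MUST NOT be forwarded
    "discard"      link-layer broadcast with an IP unicast destination,
                   SHOULD be silently discarded
    """
    if len(frame) < 34:
        raise ValueError("frame too short for Ethernet + IPv4 headers")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_IPV4 or frame[14] >> 4 != 4:
        raise ValueError("not an untagged IPv4 frame")
    l2 = link_layer_kind(frame[0:6])
    l3 = ip_dest_kind(ipaddress.IPv4Address(frame[30:34]), connected_nets)
    if l2 == "unicast":
        return "normal"
    if l3 == "multicast":
        return "multicast-ok"
    if l2 == "broadcast" and l3 == "unicast":
        return "discard"
    return "no-forward"


# Constructed samples; the first one is the shape of frame produced by a
# static ARP entry that maps a unicast IP address to ff:ff:ff:ff:ff:ff.
CONNECTED = [ipaddress.ip_network("192.0.2.0/24")]
SAMPLES = [
    ("ffffffffffff", "192.0.2.10"),
    ("ffffffffffff", "192.0.2.255"),
    ("ffffffffffff", "255.255.255.255"),
    ("ffffffffffff", "224.0.0.5"),
    ("01005e000005", "224.0.0.5"),
    ("01005e000005", "192.0.2.10"),
    ("020000000002", "198.51.100.7"),
]


def verdicts():
    """Run the check over every constructed sample."""
    return [
        (mac, ip, rfc1812_5_3_4(build_frame(mac, ip), CONNECTED))
        for mac, ip in SAMPLES
    ]


if __name__ == "__main__":
    for mac, ip, verdict in verdicts():
        print(f"dst_mac={mac} dst_ip={ip:<16} -> {verdict}")
```

A platform that answers the ping in the message corresponds to the first sample being treated as "normal" instead of "discard".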
From mansaxel at besserwisser.org Mon Apr 2 06:17:12 2012
From: mansaxel at besserwisser.org (=?iso-8859-1?Q?M=E5ns?= Nilsson)
Date: Mon, 2 Apr 2012 13:17:12 +0200
Subject: Outdoor Wireless Access Point
In-Reply-To: <111456.1333267111@turing-police.cc.vt.edu>
References:
<4f7789d3.c70eb60a.1cc5.7ef6@mx.google.com>
<74945.1333237748@turing-police.cc.vt.edu>
<111456.1333267111@turing-police.cc.vt.edu>
Message-ID: <20120402111708.GC6655@besserwisser.org>
On Sun, Apr 01, 2012 at 03:58:31AM -0400, Valdis.Kletnieks at vt.edu wrote:
> But there's a 22 acre field (about twice the size of the garden you are trying
> to support) in the middle of campus... literally in the middle, as in "the campus
> is built around that field". ;)
(No doubt Valdis knows this, but..)
It is kind of funny to realtime-translate this from Latin to English
where applicable, and get "But there's a 22 acre field in the middle of
the field" and "the field is built around that field"
;-) ++;
--
/Måns, blaming his Latin class.
From askoorb+nanog at gmail.com Mon Apr 2 06:30:02 2012
From: askoorb+nanog at gmail.com (Alex Brooks)
Date: Mon, 2 Apr 2012 12:30:02 +0100
Subject: CCDP (Was: April fools joke?)
In-Reply-To: <329ED0F4-4516-4FD5-8046-5D5D7E3C0304@gmail.com>
References:
<329ED0F4-4516-4FD5-8046-5D5D7E3C0304@gmail.com>
Message-ID:
On Sun, Apr 1, 2012 at 3:54 PM, Alec Muffett wrote:
>
>
> On 1 Apr 2012, at 15:30, Justin Wilson wrote:
> > I hate April 1 on the Web. You are right you never can tell. I
> > would be
> > appalled if someone as respectable as the BBC stoops to downright dumb
> > pranks.
>
> It is true.
>
> It's called the Communications Capabilities Development Programme (CCDP)
More details (from a fairly level-headed viewpoint) have been
published at http://www.theregister.co.uk/2012/04/02/ccdp_government_snooping_plans/.
It looks like for more details we'll have to wait for the Queen's
Speech on the 9th of May (and the following white / command papers and
other guff) when it looks like she'll announce it with all the other
legislation her government will try to pass over the next year.
Alex
From oscar.vives at gmail.com Mon Apr 2 06:40:25 2012
From: oscar.vives at gmail.com (Tei)
Date: Mon, 2 Apr 2012 13:40:25 +0200
Subject: April fools joke?
In-Reply-To: <201204020456.q324ukHf003730@mail.r-bonomi.com>
References:
<201204020456.q324ukHf003730@mail.r-bonomi.com>
Message-ID:
On 2 April 2012 06:56, Robert Bonomi wrote:
>
> "Keith Medcalf" wrote:
> {prior attributions lost}
>> > > http://www.bbc.co.uk/news/uk-politics-17576745
>>
>> > > It's sad when you just can't tell with things like this..
>>
>> > I was hoping for something good, like maybe an extension of RFC 1149
>> > implementing ECN (aka SQUAWK) in avian carriers. I'm disappointed.
>>
>> ECN doesn't help if the Hunting Season bit is set.
>
> That's a situation where you *want* Bugs in the project.
>
> "Wabbit Season!"
>
Joke is on then.
I make all my terrorist talking in Counter-Strike. Since the game
packets are not logged, nothing is logged. And we use a special
language so a possible spy would not understand us.
1. "OMFG! It's a deagle train! Camp for your life!"
2. "W00T kill #7 Total deagle-train!"
3. "Why don't you use that M4 you have?"
2. "Because I'm deagle-training n00b!"
Logging emails:
- 100% false positives: log data from everyone not evil
- 100% missed messages: don't log data from evil people
The very definition of useless. Probably another "feel good", "look
how we combat the evuuul" politics.
--
--
Fin del Mensaje.
From oscar.vives at gmail.com Mon Apr 2 06:51:44 2012
From: oscar.vives at gmail.com (Tei)
Date: Mon, 2 Apr 2012 13:51:44 +0200
Subject: April fools joke?
In-Reply-To:
References:
<201204020456.q324ukHf003730@mail.r-bonomi.com>
Message-ID:
On 2 April 2012 13:40, Tei wrote:
> On 2 April 2012 06:56, Robert Bonomi wrote:
>>
>> "Keith Medcalf" wrote:
>> {prior attributions lost}
>>> > > http://www.bbc.co.uk/news/uk-politics-17576745
>>>
>>> > > It's sad when you just can't tell with things like this..
>>>
>>> > I was hoping for something good, like maybe an extension of RFC 1149
>>> > implementing ECN (aka SQUAWK) in avian carriers. I'm disappointed.
>>>
>>> ECN doesn't help if the Hunting Season bit is set.
>>
>> That's a situation where you *want* Bugs in the project.
>>
>> "Wabbit Season!"
>>
>
> Joke is on then.
>
> I make all my terrorist talking in Counter-Strike. Since the game
> packets are not logged, nothing is logged. And we use a special
> language so a possible spy would not understand us.
>
> 1. "OMFG! It's a deagle train! Camp for your life!"
Oops. sorry, seems will use deep packet inspection for games.
I suppose the trigger for when the terrorist say "we have setup the
bomb" will trigger a few hundreds of times per minute. :-/
--
--
Fin del Mensaje.
From jra at baylink.com Mon Apr 2 08:23:50 2012
From: jra at baylink.com (Jay Ashworth)
Date: Mon, 2 Apr 2012 09:23:50 -0400 (EDT)
Subject: April fools joke?
In-Reply-To:
Message-ID: <1385459.9303.1333373030249.JavaMail.root@benjamin.baylink.com>
----- Original Message -----
> From: "Tei"
> Oops. sorry, seems will use deep packet inspection for games.
>
> I suppose the trigger for when the terrorist say "we have setup the
> bomb" will trigger a few hundreds of times per minute. :-/
"Somebody set up us the bomb."
(Though in general use, "set us up" is more commonly heard.)
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
From jra at baylink.com Mon Apr 2 08:25:35 2012
From: jra at baylink.com (Jay Ashworth)
Date: Mon, 2 Apr 2012 09:25:35 -0400 (EDT)
Subject: uunet ends newsfeed/newsreader in US
In-Reply-To: <4F78F4B3.4030304@i6ix.com>
Message-ID: <30268057.9305.1333373135836.JavaMail.root@benjamin.baylink.com>
----- Original Message -----
> From: "Jason Bertoch"
> On 3/30/2012 5:55 PM, John Levine wrote:
> > Actually, it's fine with us that the ignorant masses think that
> > usenet is dead, since it tends to keep out the riffraff.
> +1
+5; September is finally over.
Now, where can I get a non-commercial rec.arts/tech-groups feed?
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
From jra at baylink.com Mon Apr 2 08:32:05 2012
From: jra at baylink.com (Jay Ashworth)
Date: Mon, 2 Apr 2012 09:32:05 -0400 (EDT)
Subject: uunet ends newsfeed/newsreader in US
In-Reply-To:
Message-ID: <27997262.9307.1333373525471.JavaMail.root@benjamin.baylink.com>
----- Original Message -----
> From: "John R. Levine"
> Spam sucks, but I've been posting to usenet with my real unmunged email
> address since 1981 and my inbox remains entirely usable. The idea that
> the way to avoid spam is to hide from spammers is so 1990s.
I've been posting to Usenet with my real *cell phone number* in my sig, not
to mention a dozen mailing lists.
You know how many unsolicited phone calls I've gotten in 29 years?
Maybe as many as a dozen.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
From dylan at corp.power1.com Mon Apr 2 08:38:49 2012
From: dylan at corp.power1.com (Dylan Bouterse)
Date: Mon, 2 Apr 2012 13:38:49 +0000
Subject: airFiber
In-Reply-To:
References: <3631ff80$65b2bbb3$4de71797$@com>
Message-ID: <218AB54691EB49439829EFD136F473CF27752437@exchange2k10.corp.power1.com>
What published specs have you seen on the airFiber latency? I asked one of the UBNT guys and they said it's microsecond. On any network I've managed, anything sub 1ms is acceptable.
Dylan
-----Original Message-----
From: John van Oppen [mailto:jvanoppen at spectrumnet.us]
Sent: Saturday, March 31, 2012 2:22 PM
To: 'Andrew McConachie'; Marshall Eubanks
Cc: NANOG list
Subject: RE: airFiber
We actually have a lot of the old gigabeam radios in service, they are faster than the published specs of the airfiber links (1G full duplex vs 750 mbit/sec fd) and lower latency due to their very simplistic design. To be honest, from a network engineering standpoint, the gigabeams were convenient as path issues would show up as ethernet errors that can be used to trigger reroutes or other events. That being said, we did not have a large variety of switches as the microwave side of our house is made up entirely of just a couple of cisco models. The gigabeams also have a pure OOB management setup.
John
From joshbaird at gmail.com Mon Apr 2 08:44:06 2012
From: joshbaird at gmail.com (Josh Baird)
Date: Mon, 2 Apr 2012 09:44:06 -0400
Subject: airFiber
In-Reply-To: <218AB54691EB49439829EFD136F473CF27752437@exchange2k10.corp.power1.com>
References: <3631ff80$65b2bbb3$4de71797$@com>
<218AB54691EB49439829EFD136F473CF27752437@exchange2k10.corp.power1.com>
Message-ID:
I was told to expect 0.1ms by UBNT. Haven't seen this published, though.
Josh
On Mon, Apr 2, 2012 at 9:38 AM, Dylan Bouterse wrote:
> What published specs have you seen on the airFiber latency? I asked one of the UBNT guys and they said it's microsecond. On any network I've managed, anything sub 1ms is acceptable.
>
> Dylan
>
> -----Original Message-----
> From: John van Oppen [mailto:jvanoppen at spectrumnet.us]
> Sent: Saturday, March 31, 2012 2:22 PM
> To: 'Andrew McConachie'; Marshall Eubanks
> Cc: NANOG list
> Subject: RE: airFiber
>
> We actually have a lot of the old gigabeam radios in service, they are faster than the published specs of the airfiber links (1G full duplex vs 750 mbit/sec fd) and lower latency due to their very simplistic design. To be honest, from a network engineering standpoint, the gigabeams were convenient as path issues would show up as ethernet errors that can be used to trigger reroutes or other events. That being said, we did not have a large variety of switches as the microwave side of our house is made up entirely of just a couple of cisco models. The gigabeams also have a pure OOB management setup.
>
>
> John
>
>
From dave at temk.in Mon Apr 2 10:46:50 2012
From: dave at temk.in (Dave Temkin)
Date: Mon, 02 Apr 2012 11:46:50 -0400
Subject: [NANOG-announce] NANOG 55 - Vancouver: Call For Presentations
In-Reply-To: <4F42CC97.3000200@temk.in>
References: <4F42CC97.3000200@temk.in>
Message-ID: <4F79C9EA.6090106@temk.in>
All,
A reminder as per below - abstracts are due today, and we would like to ask for slides by April 9th.
Best Regards,
-Dave Temkin
On 2/20/12 5:43 PM, Dave Temkin wrote:
> NANOG Community,
>
> After an awesome meeting in San Diego, we're already starting to get ready for NANOG 55 in Vancouver.
> If you have a topic you'd like to speak about, we'd love to consider it. Please watch
> http://www.nanog.org/meetings/nanog55/callforpresentations.html for more information.
>
> Please keep these important dates in mind:
>
>
> Presentation Abstracts and Draft Slides Due: 02-Apr-2012
> Final Slides Due: 09-Apr-2012
> Draft Program Published: 27-Apr-2012
> Final Agenda Published: 15-May-2012
>
> Please submit your materials to http://pc.nanog.org
>
> Looking forward to seeing everyone in San Diego.
>
> -Dave Temkin
>
> (Chair, NANOG Program Committee)
_______________________________________________
NANOG-announce mailing list
NANOG-announce at nanog.org
https://mailman.nanog.org/mailman/listinfo/nanog-announce
From jerome at ceriz.fr Mon Apr 2 10:55:04 2012
From: jerome at ceriz.fr (Jérôme Nicolle)
Date: Mon, 02 Apr 2012 17:55:04 +0200
Subject: Reachability issue 193.56.43.0/24AS25186 from AS701
Message-ID: <4F79CBD8.1020202@ceriz.fr>
Hi,
Just changed the upstream for this network and a few customers can't
reach our services anymore.
According to RIPE stats, reachability is not optimal in the North
American zone, but is perfect everywhere else (see
https://stat.ripe.net/193.56.43.124)
One of the complaining customers is on AS1660 and the route breaks within
AS701.
Could anyone confirm the reachability for this prefix from the US ?
Anyone at Verizon to check and fix if necessary ?
Thanks !
--
Jérôme Nicolle
+33 6 19 31 27 14
From todd at borked.ca Mon Apr 2 11:08:06 2012
From: todd at borked.ca (Todd Snyder)
Date: Mon, 2 Apr 2012 12:08:06 -0400
Subject: Distributed DNS/etc checking
Message-ID:
Good day all,
There have been a few instances where we've wanted to check our external
DNS servers from various external networks, so we've utilized the existing
looking glass tools provided by many of you. However, it's a very manual
process, given that all LG's I've found say no automating/scripting. If we
want to check from a couple dozen sites around the world, it's a lot of
clicking and typing and collecting. If we wanted to create a tool that
our NOC could use to verify our services, we would need something we could
script. Ideally, we'd be able to run this constantly to do health checks
on our services, but one step at a time.
I've been googling, but so far I'm unable to find any larger scale
projects/toolsets that we could use to simplify this process. Is anyone
aware of something that would allow for me to submit a "job" to some sort
of distributed service (I care about DNS, but others may care about
traceroutes, pings, bgp information, etc), that will then run the "job"
and give me back an answer?
Similarly, but perhaps differently, those of you who may run large anycast
DNS services, how do you gather "external" stats about routing, response
time, availability, and so on? It seems like this sort of thing would be a
fairly common requirement (let's see how my network looks to those outside
of it) but everything I can find is very manual at this point.
This looks like a somewhat promising option, however I don't think I could
get buy-in to run a node in our network, so it's not on the table for now:
https://ring.nlnog.net/
This same functionality would likely be very helpful internal to large
networks as well.
I would love to know if I'm missing something obvious, or pieces of
something obvious we could work with. Failing something already existing,
I'd value any information people care to share about how they do this now,
either on or off list. I can summarize any findings if the community is
interested.
Cheers,
Todd.
From jgreco at ns.sol.net Mon Apr 2 11:26:40 2012
From: jgreco at ns.sol.net (Joe Greco)
Date: Mon, 2 Apr 2012 11:26:40 -0500 (CDT)
Subject: Distributed DNS/etc checking
In-Reply-To:
Message-ID: <201204021626.q32GQen2052055@aurora.sol.net>
> Good day all,
>
> There have been a few instances where we've wanted to check our external
> DNS servers from various external networks, so we've utilized the existing
> looking glass tools provided by many of you. However, it's a very manual
> process, given that all LG's I've found say no automating/scripting. If we
> want to check from a couple dozen sites around the world, it's a lot of
> clicking and typing and collecting. If we wanted to create a tool that
> our NOC could use to verify our services, we would need something we could
> script. Ideally, we'd be able to run this constantly to do health checks
> on our services, but one step at a time.
>
> I've been googling, but so far I'm unable to find any larger scale
> projects/toolsets that we could use to simplify this process. Is anyone
> aware of something that would allow for me to submit a "job" to some sort
> of distributed service (I care about DNS, but others may care about
> traceroutes, pings, bgp information, etc), that will then run the "job"
> and give me back an answer?
>
> Similarly, but perhaps differently, those of you who may run large anycast
> DNS services, how do you gather "external" stats about routing, response
> time, availability, and so on? It seems like this sort of thing would be a
> fairly common requirement (let's see how my network looks to those outside
> of it) but everything I can find is very manual at this point.
>
> This looks like a somewhat promising option, however I don't think I could
> get buy-in to run a node in our network, so it's not on the table for now:
> https://ring.nlnog.net/
>
> This same functionality would likely be very helpful internal to large
> networks as well.
>
> I would love to know if I'm missing something obvious, or pieces of
> something obvious we could work with. Failing something already existing,
> I'd value any information people care to share about how they do this now,
> either on or off list. I can summarize any findings if the community is
> interested.
The usual technique is to buy a few cheap virtual private servers at
points of interest around the net and then do whatever you please.
The problem is that your network will have a different monitoring
system than our network, so if you want something that integrates
cleanly with your Nagios based system, it'll be different than what
integrates cleanly with our WhatsUp system. So it's usually easier
to just go with some cheap virtual private servers.
If you're clever, you might see if you can exchange services with a
few other small networks.
... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
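Added example, not part of Joe Greco's message or of anyone's post in this thread: a sketch of the probe each rented VPS could run against your own authoritative nameservers, and of the central comparison of what the vantage points report. The zone example.net, the vantage names and the documentation-range addresses are assumptions, and the sample replies are constructed rather than captured.

```python
import random, socket, struct, time
from collections import Counter

SOA, IN = 6, 1  # DNS record type and class codes

def build_query(zone, txid):
    """Encode one SOA question; RD stays clear because we ask the authoritative server."""
    labels = zone.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0) + qname + struct.pack("!HH", SOA, IN)

def skip_name(msg, off):
    """Return the offset just past a name, which may end in a compression pointer."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:
            return off + 2
        off += 1 + n

def fail(reason):
    return {"ok": False, "serial": None, "error": reason}

def classify(msg, txid):
    """Turn a raw reply into {'ok', 'serial', 'error'} for whatever monitoring you run."""
    try:
        rid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
        if rid != txid or not flags & 0x8000:
            return fail("not a reply to our query")
        if flags & 0x000F:
            return fail(f"rcode {flags & 0x000F}")
        if not flags & 0x0400:
            return fail("answer not authoritative")
        off = 12
        for _ in range(qd):                       # skip the echoed question
            off = skip_name(msg, off) + 4
        for _ in range(an):
            off = skip_name(msg, off)
            rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10
            if rtype == SOA:
                p = skip_name(msg, skip_name(msg, off))   # past MNAME and RNAME
                return {"ok": True, "serial": struct.unpack("!I", msg[p:p + 4])[0],
                        "error": None}
            off += rdlen
    except (struct.error, IndexError):
        return fail("malformed response")
    return fail("no SOA in answer")

def probe(vantage, server_ip, zone, timeout=2.0):
    """Runs on a vantage point: one UDP query to one of your own nameservers."""
    txid = random.getrandbits(16)
    family = socket.AF_INET6 if ":" in server_ip else socket.AF_INET
    start = time.monotonic()
    try:
        with socket.socket(family, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(build_query(zone, txid), (server_ip, 53))
            data, _peer = s.recvfrom(4096)
        report = classify(data, txid)
    except OSError as exc:                        # timeout, unreachable, refused
        report = fail(f"no reply: {exc}")
    report.update(vantage=vantage, server=server_ip,
                  rtt_ms=round((time.monotonic() - start) * 1000, 1))
    return report

def find_problems(reports):
    """Central side: list failures, then servers whose serial differs from the majority."""
    problems = [f'{r["vantage"]} -> {r["server"]}: {r["error"]}'
                for r in reports if not r["ok"]]
    serials = Counter(r["serial"] for r in reports if r["ok"])
    if len(serials) > 1:
        expected = serials.most_common(1)[0][0]
        problems += [f'{r["vantage"]} -> {r["server"]}: serial {r["serial"]} != {expected}'
                     for r in reports if r["ok"] and r["serial"] != expected]
    return problems

def constructed_response(query, serial, flags=0x8400):
    """Constructed sample reply (QR+AA by default) so the example runs offline."""
    txid = struct.unpack("!H", query[:2])[0]
    rdata = (b"\x03ns1\xc0\x0c" + b"\x0ahostmaster\xc0\x0c"
             + struct.pack("!IIIII", serial, 7200, 900, 1209600, 300))
    answer = b"\xc0\x0c" + struct.pack("!HHIH", SOA, IN, 3600, len(rdata)) + rdata
    return struct.pack("!HHHHHH", txid, flags, 1, 1, 0, 0) + query[12:] + answer

def demo():
    """Feed constructed replies through the same path probe() uses."""
    q = build_query("example.net", 0x1234)
    samples = [  # (assumed vantage name, documentation address, constructed reply)
        ("vps-ams", "192.0.2.53", constructed_response(q, 2012040201)),
        ("vps-ams", "198.51.100.53", constructed_response(q, 2012040201)),
        ("vps-nyc", "192.0.2.53", constructed_response(q, 2012040201)),
        ("vps-nyc", "198.51.100.53", constructed_response(q, 2012040101)),  # stale copy
        ("vps-sin", "192.0.2.53", constructed_response(q, 2012040201, flags=0x8402)),
    ]
    reports = [dict(classify(reply, 0x1234), vantage=v, server=s) for v, s, reply in samples]
    return find_problems(reports)

if __name__ == "__main__":
    print("\n".join(demo()))
```

On a real vantage point, call probe() from cron for each of your nameservers and ship the returned dict to the central collector; only query servers you operate or have permission to test.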
From jra at baylink.com Mon Apr 2 11:27:51 2012
From: jra at baylink.com (Jay Ashworth)
Date: Mon, 2 Apr 2012 12:27:51 -0400 (EDT)
Subject: [outages] XO Outages
In-Reply-To:
Message-ID: <15197067.9511.1333384071857.JavaMail.root@benjamin.baylink.com>
----- Original Message -----
> From: "Darren Cusano"
> Anyone experiencing any XO Outages? In the Philadelphia area our lines
> are straight to busy.
We have some direct PRIs from XO in Tampa FL, and I have no reports from the
office of circuit problems at this time.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
From jra at baylink.com Mon Apr 2 11:28:28 2012
From: jra at baylink.com (Jay Ashworth)
Date: Mon, 2 Apr 2012 12:28:28 -0400 (EDT)
Subject: [outages] XO Outages
In-Reply-To: <15197067.9511.1333384071857.JavaMail.root@benjamin.baylink.com>
Message-ID: <23913751.9513.1333384108165.JavaMail.root@benjamin.baylink.com>
Sorry folks. These are the trials of having a mailer with no list-reply key,
and not enough coffee.
-- j
----- Original Message -----
> From: "Jay Ashworth"
> To: "NANOG"
> Sent: Monday, April 2, 2012 12:27:51 PM
> Subject: Re: [outages] XO Outages
> ----- Original Message -----
> > From: "Darren Cusano"
>
> > Anyone experiencing any XO Outages? In the Philadelphia area our
> > lines
> > are straight to busy.
>
> We have some direct PRIs from XO in Tampa FL, and I have no reports
> from the
> office of circuit problems at this time.
>
> Cheers,
> -- jra
> --
> Jay R. Ashworth Baylink jra at baylink.com
> Designer The Things I Think RFC 2100
> Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
> St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
From hank at efes.iucc.ac.il Mon Apr 2 12:14:28 2012
From: hank at efes.iucc.ac.il (Hank Nussbacher)
Date: Mon, 2 Apr 2012 20:14:28 +0300 (IDT)
Subject: Distributed DNS/etc checking
In-Reply-To:
References:
Message-ID:
On Mon, 2 Apr 2012, Todd Snyder wrote:
Try:
http://live.icmynet.com/icmynet-dns/
http://www.zonecut.net/dns/index.cgi
Regards,
Hank
> Good day all,
>
> There have been a few instances where we've wanted to check our external
> DNS servers from various external networks, so we've utilized the existing
> looking glass tools provided by many of you. However, it's a very manual
> process, given that all LG's I've found say no automating/scripting. If we
> want to check from a couple dozen sites around the world, it's a lot of
> clicking and typing and collecting. If we wanted to create a tool that
> our NOC could use to verify our services, we would need something we could
> script. Ideally, we'd be able to run this constantly to do health checks
> on our services, but one step at a time.
>
> I've been googling, but so far I'm unable to find any larger scale
> projects/toolsets that we could use to simplify this process. Is anyone
> aware of something that would allow for me to submit a "job" to some sort
> of distributed service (I care about DNS, but others may care about
> traceroutes, pings, bgp information, etc), that will then run the "job"
> and give me back an answer?
>
> Similarly, but perhaps differently, those of you who may run large anycast
> DNS services, how do you gather "external" stats about routing, response
> time, availability, and so on? It seems like this sort of thing would be a
> fairly common requirement (let's see how my network looks to those outside
> of it) but everything I can find is very manual at this point.
>
> This looks like a somewhat promising option, however I don't think I could
> get buy-in to run a node in our network, so it's not on the table for now:
> https://ring.nlnog.net/
>
> This same functionality would likely be very helpful internal to large
> networks as well.
>
> I would love to know if I'm missing something obvious, or pieces of
> something obvious we could work with. Failing something already existing,
> I'd value any information people care to share about how they do this now,
> either on or off list. I can summarize any findings if the community is
> interested.
>
> Cheers,
>
> Todd.
>
From heather.schiller at verizon.com Mon Apr 2 13:03:36 2012
From: heather.schiller at verizon.com (Schiller, Heather A)
Date: Mon, 2 Apr 2012 14:03:36 -0400
Subject: Reachability issue 193.56.43.0/24AS25186 from AS701
In-Reply-To: <4F79CBD8.1020202@ceriz.fr>
References: <4F79CBD8.1020202@ceriz.fr>
Message-ID:
Sent response offlist.
--heather
-----Original Message-----
From: Jérôme Nicolle [mailto:jerome at ceriz.fr]
Sent: Monday, April 02, 2012 11:55 AM
To: nanog at nanog.org
Subject: Reachability issue 193.56.43.0/24AS25186 from AS701
Hi,
Just changed the upstream for this network and a few customers can't reach our services anymore.
According to RIPE stats, reachability is not optimal in the North American zone, but is perfect everywhere else (see
https://stat.ripe.net/193.56.43.124)
One of the complaining customers is on AS1660 and the route breaks within AS701.
Could anyone confirm the reachability for this prefix from the US ?
Anyone at Verizon to check and fix if necessary ?
Thanks !
--
Jérôme Nicolle
+33 6 19 31 27 14
From owen at delong.com Mon Apr 2 13:59:58 2012
From: owen at delong.com (Owen DeLong)
Date: Mon, 2 Apr 2012 11:59:58 -0700
Subject: French Regulator to ask all your information about your Peering
In-Reply-To:
References:
Message-ID:
Personally, I don't see this as a bad thing. Open disclosure of peering
relationships strikes me as a "sunlight is the best disinfectant" kind of
situation.
Will they be making this information public or accepting it under seal?
If they're making it public, then, I think overall it's a good thing. If not,
then it's just another burdensome regulation without much public good.
Owen
On Mar 30, 2012, at 11:21 AM, Raphael MAUNIER wrote:
> Hello All,
>
> This is now the end. The French regulator ( Arcep ) is now asking all the
> people with an ASN in France ( with a L33 license ) to get all their
> information on their peering.
>
> The Arcep claim it's for the "net neutrality" and still don't understand
> it works because it's self regulated.
>
> So, some of US network with a L33 License will also have to respond (
> obligation because you have the L33-1)
>
> The documents can be downloaded here
> http://www.arcep.fr/index.php?id=8571&L=&tx_gsactualite_pi1[uid]=1508&tx_gsactualite_pi1[backID]=1&cHash=ed82d44a55
> : ( french for now, english
> courtesy version will come soon )
>
> The document is asking for information like : BW, Prices, contract or
> not, level of use, date of the contract S
>
> You have to give them information twice a year
>
>
>
> We ( @Neo Telecoms ) and other folks in France will probably setup
> something with other carriers ( I already had some discussion with some of
> you ) to talk to them on a single voice.
>
> --
> Raphaël Maunier
> NEO TELECOMS
> CTO / Directeur Ingénierie
> AS8218
>
>
>
>
>
From jerome at ceriz.fr Mon Apr 2 16:22:05 2012
From: jerome at ceriz.fr (Jérôme Nicolle)
Date: Mon, 02 Apr 2012 23:22:05 +0200
Subject: Reachability issue 193.56.43.0/24AS25186 from AS701
In-Reply-To:
References: <4F79CBD8.1020202@ceriz.fr>
Message-ID: <4F7A187D.3050400@ceriz.fr>
On 02/04/2012 20:03, Schiller, Heather A wrote:
>
> Sent response offlist.
Thanks a lot for your answers, got a few hints to nail it ;)
--
Jérôme Nicolle
+33 6 19 31 27 14
From jeroen at mompl.net Mon Apr 2 20:00:19 2012
From: jeroen at mompl.net (Jeroen van Aart)
Date: Mon, 02 Apr 2012 18:00:19 -0700
Subject: uunet ends newsfeed/newsreader in US
In-Reply-To:
References: <20120330204119.GC23534@nntp.AegisInfoSys.com>
<4F763AD7.30805@rancid.berkeley.edu> <4F76566F.5020906@mompl.net>
Message-ID: <4F7A4BA3.4000809@mompl.net>
C. A. Fillekes wrote:
> I do not think that the closing of a service that's undergone multiple
> acquisitions by actual competitors is at all surprising. Did the
> closing of Alta Vista a couple years ago after its acquisition by
> Yahoo! spell the death of internet search? No.
Well, it's a bit hard to kill off internet searching. Because looking
for stuff is pretty much everyone's main "raisin d'etre". It's not like
you can replace searching with something else. You can replace email
with another form of communication, but searching is searching...
Since quite a number of years altavista.com searches are just submitted
to search.yahoo.com and some time ago I noticed on yahoo's site the
words "powered by bing". Does that mean yahoo's search engine has been
abolished also and is being run by microsoft (technology)?
In that case the two main search engines of the 90s are dead. Nobody
missed them though...
Regards,
Jeroen
--
Earthquake Magnitude: 6.3
Date: Monday, April 2, 2012 17:36:43 UTC
Location: Oaxaca, Mexico
Latitude: 16.4769; Longitude: -98.2867
Depth: 12.30 km
From ml at kenweb.org Mon Apr 2 20:01:53 2012
From: ml at kenweb.org (ML)
Date: Mon, 02 Apr 2012 21:01:53 -0400
Subject: [outages] XO Outages
In-Reply-To: <15197067.9511.1333384071857.JavaMail.root@benjamin.baylink.com>
References: <15197067.9511.1333384071857.JavaMail.root@benjamin.baylink.com>
Message-ID: <4F7A4C01.6030708@kenweb.org>
On 4/2/2012 12:27 PM, Jay Ashworth wrote:
> ----- Original Message -----
>> From: "Darren Cusano"
>> Anyone experiencing any XO Outages? In the Philadelphia area our lines
>> are straight to busy.
> We have some direct PRIs from XO in Tampa FL, and I have no reports from the
> office of circuit problems at this time.
>
> Cheers,
> -- jra
I have some customer services on XO channelized DS3 and some unmuxed
DS1s..no problems.
From j at arpa.com Tue Apr 3 03:27:56 2012
From: j at arpa.com (jamie rishaw)
Date: Tue, 3 Apr 2012 03:27:56 -0500
Subject: Charter regional(nationwide?) flapping/multi outages
Message-ID:
[ This email takes place and context between 0817 GMT and 0910 GMT ]
Charter is/was/has been/may still be hit by regional to national outages,
starting ~ 0817 GMT
Not only is my home ofc (100mb, quad doc3/rg6, hangs off chi) down (dying
well within the network and not at cpe-adjacent gear), Charter NOC and
Eng's can't even get to their ticketing and status/testing systems. They're
dead in the water. (Voice service aside)
... :
Three thoughts come to mind.
1) Tech says Charter (according to internal talk) has no v6 deploy plans
until 2013. Someone stop me from pulling out my hair on this -- Does 3q
'13 align with others' plans for v6 deployment ?
2) Eating your own dogfood is awesome, but where is a backup plan? My
traces out during the ~30 mins on the horn had me routing thru Chi, Cle,
and MO, dying at border/cores every time. Tethering my laptop to my
android, I saw similarly-stopping routes inbound. (BGPlay disagrees, but
that's another issue).
Does it not behoove call centers and NOCs to have local access to
replicated ticket and status dbs, failing over to alt carriers during
severe outages (or any outage that takes down primary support)?
3) The first line tech suggested "it's DNS" (yet I run two of my own
nameservers @ home, and roll neustar for global) -- Are we (senior types)
just trying to get nocs off the phone with whatever answer, even if it
involves lies that (we're naive to think) there /aren't/ those without clue
that will challenge this, from premise to organization,
sometimes *(cough)*. bringing these issues to a national stage?
Thoughts, comments, insults, jokes, bring it. Anonymization assured should
you want to go OTR and have me repost.
From me at anuragbhatia.com Tue Apr 3 04:02:10 2012
From: me at anuragbhatia.com (Anurag Bhatia)
Date: Tue, 3 Apr 2012 14:32:10 +0530
Subject: Charter regional(nationwide?) flapping/multi outages
In-Reply-To:
References:
Message-ID:
Yes
We are also getting issues from last 2 hrs. Any ideas what caused this?
(Sent from my mobile device)
Anurag Bhatia
http://anuragbhatia.com
On Apr 3, 2012 1:58 PM, "jamie rishaw" wrote:
> [ This email takes place and context between 0817 GMT and 0910 GMT ]
>
> Charter is/was/has been/may still be hit by regional to national outages,
> starting ~ 0817 GMT
>
> Not only is my home ofc (100mb, quad doc3/rg6, hangs off chi) down (dying
> well within the network and not at cpe-adjacent gear), Charter NOC and
> Eng's can't even get to their ticketing and status/testing systems. They're
> dead in the water. (Voice service aside)
>
> ... :
>
> Three thoughts come to mind.
>
> 1) Tech says Charter (according to internal talk) has no v6 deploy plans
> until 2013. Someone stop me from pulling out my hair on this -- Does 3q
> '13 align with others' plans for v6 deployment ?
>
> 2) Eating your own dogfood is awesome, but where is a backup plan? My
> traces out during the ~30 mins on the horn had me routing thru Chi, Cle,
> and MO, dying at border/cores every time. Tethering my laptop to my
> android, I saw similarly-stopping routes inbound. (BGPlay disagrees, but
> that's another issue).
> Does it not behoove call centers and NOCs to have local access to
> replicated ticket and status dbs, failing over to alt carriers during
> severe outages (or any outage that takes down primary support)?
>
> 3) The first line tech suggested "it's DNS" (yet I run two of my own
> nameservers @ home, and roll neustar for global) -- Are we (senior types)
> just trying to get nocs off the phone with whatever answer, even if it
> involves lies that (we're naive to think) there /aren't/ those without clue
> that will challenge this, from premise to organization,
> sometimes *(cough)*. bringing these issues to a national stage?
>
>
> Thoughts, comments, insults, jokes, bring it. Anonymization assured should
> you want to go OTR and have me repost.
>
From mukom.tamon at gmail.com Tue Apr 3 11:17:58 2012
From: mukom.tamon at gmail.com (Mukom Akong T.)
Date: Tue, 3 Apr 2012 20:17:58 +0400
Subject: Step-by-step procedure for doing IPv6 subnetting
Message-ID:
Hello all
I often get lots of people who want to know the procedure for doing
IPv6 subnetting like we are used to in IPv4. Before using tools and
utilities to make things easy, I always like to know the general
principles.
I've put up a post about a general and quick procedure on how to
subnet in IPv6 which I believe gives anyone a good theoretical
framework for how to do it. Please do check it out and let me have your
feedback.
[a] General procedure for IPv6 Subnetting
http://techxcellence.net/2012/04/03/ipv6-subnetting-general-procedure/
[b] Quick procedure ('in your head')
http://techxcellence.net/2011/05/09/v6-subnetting-made-easy/
Regards
--
Mukom Akong [Tamon]
______________
"We don't LIVE in order to BREATHE. Similarly WORKING in order to make
MONEY puts us on a one way street to irrelevance."
[In Search of Excellence & Perfection] - http://perfexcellence.org
[Moments of TechXcellence] - http://techexcellence.net
[ICT Business Integration] - http://ibiztech.wordpress.com
[About Me] - http://about.me/perfexcellence
From georgeb at gmail.com Tue Apr 3 13:00:57 2012
From: georgeb at gmail.com (George B.)
Date: Tue, 3 Apr 2012 11:00:57 -0700
Subject: Charter regional(nationwide?) flapping/multi outages
In-Reply-To:
References:
Message-ID:
On Tue, Apr 3, 2012 at 1:27 AM, jamie rishaw wrote:
> Three thoughts come to mind.
>
> 1) Tech says Charter (according to internal talk) has no v6 deploy plans
> until 2013. Someone stop me from pulling out my hair on this -- Does 3q
> '13 align with others' plans for v6 deployment ?
I have one upstream with no plans to deploy v6 until 2013. I have
production operations in one of their facilities in Europe and a
customer there screaming for v6 support and due to legal issues can't
serve that customer from the US. This is one reason (among a few
others) we have decided to migrate away from this provider. Our US
operations have other v6 capable carriers and we have deployed v6 for
most of our production operations in the US.
From sethm at rollernet.us Tue Apr 3 13:16:40 2012
From: sethm at rollernet.us (Seth Mattinen)
Date: Tue, 03 Apr 2012 11:16:40 -0700
Subject: Charter regional(nationwide?) flapping/multi outages
In-Reply-To:
References:
Message-ID: <4F7B3E88.1090306@rollernet.us>
On 4/3/12 1:27 AM, jamie rishaw wrote:
>
> 1) Tech says Charter (according to internal talk) has no v6 deploy plans
> until 2013. Someone stop me from pulling out my hair on this -- Does 3q
> '13 align with others' plans for v6 deployment ?
>
All of mine already provide me with native IPv6. Whenever Charter has
approached me over the last year I tell them upfront that they need to
match the existing capabilities of my other providers and let them go
through their process.
~Seth
From Bryan.Welch at arrisi.com Tue Apr 3 16:54:34 2012
From: Bryan.Welch at arrisi.com (Welch, Bryan)
Date: Tue, 3 Apr 2012 21:54:34 +0000
Subject: Telia issues?
Message-ID:
Anyone having issues with routes through Telia? We are having reachability issues getting to some Charter netblocks in the South Eastern US which route through Telia.
TIA,
Bryan
From me at anuragbhatia.com Tue Apr 3 19:24:18 2012
From: me at anuragbhatia.com (Anurag Bhatia)
Date: Wed, 4 Apr 2012 05:54:18 +0530
Subject: Telia issues?
In-Reply-To:
References:
Message-ID:
Hello Bryan
We had this issue yesterday via Charter. For now it seems fixed and all is
working OK. Still waiting for detailed report from Charter regarding
downtime.
On Wed, Apr 4, 2012 at 3:24 AM, Welch, Bryan wrote:
> Anyone having issues with routes through Telia? We are having
> reachability issues getting to some Charter netblocks in the South Eastern
> US which route through Telia.
>
> TIA,
>
> Bryan
>
>
>
>
--
Anurag Bhatia
anuragbhatia.com
or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected
network!
Twitter: @anurag_bhatia
Linkedin: http://linkedin.anuragbhatia.com
From houdini+nanog at clanspum.net Tue Apr 3 23:12:49 2012
From: houdini+nanog at clanspum.net (Bill Weiss)
Date: Tue, 3 Apr 2012 23:12:49 -0500
Subject: Distributed DNS/etc checking
In-Reply-To:
References:
Message-ID: <20120404041248.GH25710@clanspum.net>
Todd Snyder(todd at borked.ca)@Mon, Apr 02, 2012 at 12:08:06PM -0400:
> Good day all,
>
> There have been a few instances where we've wanted to check our external
> DNS servers from various external networks, so we've utilized the existing
> looking glass tools provided by many of you. However, it's a very manual
> process, given that all LG's I've found say no automating/scripting. If we
> want to check from a couple dozen sites around the world, it's a lot of
> clicking and typing and collecting. If we wanted to create a tool that
> our NOC could use to verify our services, we would need something we could
> script. Ideally, we'd be able to run this constantly to do health checks
> on our services, but one step at a time.
To suggest a service that I have no relation to (other than being a happy
customer), have you looked at Pingdom [http://www.pingdom.com/] ? I'm not
using the DNS check type, but I have a dozen or so HTTP checks there.
Their system is super simple, no frills, and is priced like it :) It
looks like you can list a domain to test, a server to check and what
result you expect. They run checks from a bunch of different places (40
servers, seemingly half in the US, right now). Pricing at the low scale
is $6/check/year, which is pretty compelling even against running some
VPSes if you aren't checking too many sites.
--
Bill Weiss
From Matthew.Wright at pearson-harper.com Wed Apr 4 04:16:23 2012
From: Matthew.Wright at pearson-harper.com (Matthew Wright)
Date: Wed, 4 Apr 2012 09:16:23 +0000
Subject: Distributed DNS/etc checking
In-Reply-To: <20120404041248.GH25710@clanspum.net>
References:
<20120404041248.GH25710@clanspum.net>
Message-ID: <4E8781867FE9D749BB957F1C2BDDAF582A1A32ED@phexch02>
Todd Snyder(todd at borked.ca)@Mon, Apr 02, 2012 at 12:08:06PM -0400:
> Good day all,
>
> There have been a few instances where we've wanted to check our
> external DNS servers from various external networks, so we've utilized
> the existing looking glass tools provided by many of you. However,
> it's a very manual process, given that all LG's I've found say no
> automating/scripting. If we want to check from a couple dozen sites
> around the world, it's a lot of clicking and typing and collecting.
> If we wanted to create a tool that our NOC could use to verify our
> services, we would need something we could script. Ideally, we'd be
> able to run this constantly to do health checks on our services, but one step at a time.
A happy customer report for http://www.whatsmydns.net/ not scriptable as such, but very useful, and free into the bargain.
I use it to check our GeoIP DNS is responding as expected.
Matthew
From cconn at b2b2c.ca Wed Apr 4 14:53:03 2012
From: cconn at b2b2c.ca (Chris Conn)
Date: Wed, 04 Apr 2012 15:53:03 -0400
Subject: SORBS?!
Message-ID: <4F7CA69F.9090206@b2b2c.ca>
Hello,
Is anyone from SORBS still listening? We have a few IP addresses here
and there that are listed, one in particular that has been for a spam
incident from over a year ago. The "last spam" date is 03/05/2011
according to their lookup tools.
We don't have access to their Net Manager even if our ARIN POC
corresponds to the account on their system we opened a while ago. We
use their ISP feedback form and never get any responses back.
Is SORBS still relevant and functional?
Sincerely,
Chris Conn
B2B2C.ca
From mjkelly at gmail.com Wed Apr 4 15:06:07 2012
From: mjkelly at gmail.com (Matt Kelly)
Date: Wed, 04 Apr 2012 16:06:07 -0400
Subject: SORBS?!
In-Reply-To: <4F7CA69F.9090206@b2b2c.ca>
Message-ID:
Good luck. Last time we heard back from them they were trying to extort
us for $18,000 to have a huge block of IPs removed. They were listed from
the day we received them from ARIN. After that we gave up on SORBS.
On 4/4/12 3:53 PM, "Chris Conn" wrote:
>Hello,
>
>Is anyone from SORBS still listening? We have a few IP addresses here
>and there that are listed, one in particular that has been for a spam
>incident from over a year ago. The "last spam" date is 03/05/2011
>according to their lookup tools.
>
>We don't have access to their Net Manager even if our ARIN POC
>corresponds to the account on their system we opened a while ago. We
>use their ISP feedback form and never get any responses back.
>
>Is SORBS still relevant and functional?
>
>Sincerely,
>
>Chris Conn
>B2B2C.ca
>
From paul at paulgraydon.co.uk Wed Apr 4 15:08:08 2012
From: paul at paulgraydon.co.uk (Paul Graydon)
Date: Wed, 04 Apr 2012 10:08:08 -1000
Subject: SORBS?!
In-Reply-To: <4F7CA69F.9090206@b2b2c.ca>
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID: <4F7CAA28.7050000@paulgraydon.co.uk>
They're still functional, still used by companies but I wouldn't make
any observation on them running 'well'. A friend's office IP range got
blocked and unblocked recently by them so they do seem to remove entries.
Beyond that on NANOG you're pretty much into "light blue touch paper and
retire to a safe distance" territory even mentioning them. There is a
good chance you might get a reply from Sorbs here, they almost always
seem to respond when things get raised on NANOG.
Paul
On 04/04/2012 09:53 AM, Chris Conn wrote:
> Hello,
>
> Is anyone from SORBS still listening? We have a few IP addresses
> here and there that are listed, one in particular that has been for a
> spam incident from over a year ago. The "last spam" date is
> 03/05/2011 according to their lookup tools.
>
> We don't have access to their Net Manager even if our ARIN POC
> corresponds to the account on their system we opened a while ago. We
> use their ISP feedback form and never get any responses back.
>
> Is SORBS still relevant and functional?
>
> Sincerely,
>
> Chris Conn
> B2B2C.ca
>
From mdavids at forfun.net Wed Apr 4 15:26:11 2012
From: mdavids at forfun.net (Marco Davids (Prive))
Date: Wed, 4 Apr 2012 22:26:11 +0200 (CEST)
Subject: DNS issues with tools.ietf.org
Message-ID:
Hi,
Something seems wrong with the DNS of 'tools.ietf.org'.
Can anyone confirm?
--
Marco
From craig at codestorm.org Wed Apr 4 15:28:50 2012
From: craig at codestorm.org (Craig Van Tassle)
Date: Wed, 4 Apr 2012 16:28:50 -0400
Subject: DNS issues with tools.ietf.org
In-Reply-To:
References:
Message-ID: <20120404162850.23b14639@codestorm.org>
On Wed, 4 Apr 2012 22:26:11 +0200 (CEST)
"Marco Davids (Prive)" wrote:
> Hi,
>
> Something seems wrong with the DNS of 'tools.ietf.org'.
>
> Can anyone confirm?
>
> --
> Marco
>
It works for me.
From ryanczak at gmail.com Wed Apr 4 15:31:39 2012
From: ryanczak at gmail.com (Matt Ryanczak)
Date: Wed, 04 Apr 2012 16:31:39 -0400
Subject: DNS issues with tools.ietf.org
In-Reply-To: <20120404162850.23b14639@codestorm.org>
References:
<20120404162850.23b14639@codestorm.org>
Message-ID: <4F7CAFAB.8010004@gmail.com>
On 04/04/2012 04:28 PM, Craig Van Tassle wrote:
> It works for me.
works for me too but there do appear to be some problems:
> matt at bender:~$ dig tools.ietf.org ns +short
> shiraz.levkowetz.com.
> cabernet.levkowetz.com.
> merlot.levkowetz.com.
> zinfandel.levkowetz.com.
> gamay.levkowetz.com.
> grenache.levkowetz.com.
> matt at bender:~$ for named in `dig tools.ietf.org ns +short`;do dig @$named tools.ietf.org soa +short; done
>
> ; <<>> DiG 9.7.3 <<>> @zinfandel.levkowetz.com. tools.ietf.org soa +short
> ; (2 servers found)
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
> dig: couldn't get address for 'grenache.levkowetz.com.': not found
> merlot.levkowetz.com. hostmaster.tools.ietf.org. 2012022501 43200 3600 3600000 600
> merlot.levkowetz.com. hostmaster.tools.ietf.org. 2012022501 43200 3600 3600000 600
> merlot.levkowetz.com. hostmaster.tools.ietf.org. 2012022501 43200 3600 3600000 600
From bortzmeyer at nic.fr Wed Apr 4 15:34:55 2012
From: bortzmeyer at nic.fr (Stephane Bortzmeyer)
Date: Wed, 4 Apr 2012 22:34:55 +0200
Subject: DNS issues with tools.ietf.org
In-Reply-To: <29701_1333571430_4F7CAF66_29701_15224_1_alpine.DEB.2.00.1204042220260.10706@xs.forfun.net>
References: <29701_1333571430_4F7CAF66_29701_15224_1_alpine.DEB.2.00.1204042220260.10706@xs.forfun.net>
Message-ID: <20120404203455.GA26197@sources.org>
On Wed, Apr 04, 2012 at 10:26:11PM +0200,
Marco Davids (Prive) wrote
a message of 8 lines which said:
> Something seems wrong with the DNS of 'tools.ietf.org'.
Can you be more specific? It works for me except that one name server
does not actually exist (but it does not prevent the domain from
working).
% zonecheck tools.ietf.org
ERROR: Unable to find nameserver IP address(es) for grenache.levkowetz.com
(NXDOMAIN, indeed)
From mdavids at forfun.net Wed Apr 4 15:35:34 2012
From: mdavids at forfun.net (Marco Davids (Prive))
Date: Wed, 4 Apr 2012 22:35:34 +0200 (CEST)
Subject: DNS issues with tools.ietf.org
In-Reply-To: <4F7CAFAB.8010004@gmail.com>
References:
<20120404162850.23b14639@codestorm.org> <4F7CAFAB.8010004@gmail.com>
Message-ID:
On Wed, 4 Apr 2012, Matt Ryanczak wrote:
> On 04/04/2012 04:28 PM, Craig Van Tassle wrote:
>> It works for me.
>
> works for me too but there do appear to be some problems:
And what about this:
dig tools.ietf.org @merlot.levkowetz.com.
; <<>> DiG 9.7.0-P1 <<>> tools.ietf.org @merlot.levkowetz.com.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
References:
Message-ID: <4F7CB159.8020104@dougbarton.us>
On 04/04/2012 13:26, Marco Davids (Prive) wrote:
> Hi,
>
> Something seems wrong with the DNS of 'tools.ietf.org'.
>
> Can anyone confirm?
Yes:
Finding name servers for tools.ietf.org in parent zone
Checking serials for tools.ietf.org in:
cabernet.levkowetz.com
Query Error: SERVFAIL on merlot.levkowetz.com
shiraz.levkowetz.com
Checking zone NS set against parent
Query Error: SERVFAIL on merlot.levkowetz.com
Error: parent has:
cabernet.levkowetz.com merlot.levkowetz.com
shiraz.levkowetz.com
But tools.ietf.org zone has:
cabernet.levkowetz.com gamay.levkowetz.com
grenache.levkowetz.com merlot.levkowetz.com
shiraz.levkowetz.com zinfandel.levkowetz.com
Also, as others pointed out, there does not seem to be an address for
grenache.
--
If you're never wrong, you're not trying hard enough
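The checks the posters above ran by hand (parent NS set against the zone's own NS set, whether each server name resolves, whether each server answers for the SOA), gathered into one audit as an added example that is not part of any message in this thread. The probe results and the 192.0.2.x addresses are constructed sample data modelled on the output posted above, and the names `Probe`, `audit` and `usable_delegation` are hypothetical.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class Probe:
    """Outcome of asking one name server for the zone's SOA record."""
    address: Optional[str]        # None: the server name has no address record
    rcode: Optional[str]          # "NOERROR", "SERVFAIL", ...; None: timed out
    serial: Optional[int] = None  # SOA serial, present only on a good answer


def norm(name: str) -> str:
    """Compare host names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def audit(parent_ns: Iterable[str], child_ns: Iterable[str],
          probes: Dict[str, Probe]) -> Tuple[List[Tuple[str, str]], Dict[str, int]]:
    """Return (findings, serials): findings are (problem, server) pairs,
    serials maps every correctly answering server to its SOA serial."""
    parent = {norm(n) for n in parent_ns}
    child = {norm(n) for n in child_ns}
    probes = {norm(k): v for k, v in probes.items()}

    findings: List[Tuple[str, str]] = []
    # NS set mismatch between the delegation and the zone apex.
    findings += [("not-in-parent", n) for n in sorted(child - parent)]
    findings += [("not-in-zone", n) for n in sorted(parent - child)]

    serials: Dict[str, int] = {}
    for name in sorted(parent | child):
        probe = probes.get(name)
        if probe is None or probe.address is None:
            findings.append(("no-address", name))   # NS name does not resolve
        elif probe.rcode is None:
            findings.append(("timeout", name))      # server unreachable
        elif probe.rcode != "NOERROR" or probe.serial is None:
            findings.append(("lame", name))         # answers, but not for the zone
        else:
            serials[name] = probe.serial

    # Plain integer comparison; RFC 1982 serial wraparound is ignored here.
    if serials:
        newest = max(serials.values())
        findings += [("stale-serial", n)
                     for n, s in sorted(serials.items()) if s != newest]
    return findings, serials


def usable_delegation(parent_ns: Iterable[str], serials: Dict[str, int]) -> List[str]:
    """Servers a resolver following the parent's referral can actually use."""
    return sorted(norm(n) for n in parent_ns if norm(n) in serials)


# Constructed sample input, modelled on the results posted in this thread.
PARENT_NS = ["cabernet.levkowetz.com.", "merlot.levkowetz.com.",
             "shiraz.levkowetz.com."]
CHILD_NS = ["shiraz.levkowetz.com.", "cabernet.levkowetz.com.",
            "merlot.levkowetz.com.", "zinfandel.levkowetz.com.",
            "gamay.levkowetz.com.", "grenache.levkowetz.com."]
PROBES = {
    "cabernet.levkowetz.com": Probe("192.0.2.1", "NOERROR", 2012022501),
    "gamay.levkowetz.com": Probe("192.0.2.2", "NOERROR", 2012022501),
    "grenache.levkowetz.com": Probe(None, None),
    "merlot.levkowetz.com": Probe("192.0.2.3", "SERVFAIL"),
    "shiraz.levkowetz.com": Probe("192.0.2.4", "NOERROR", 2012022501),
    "zinfandel.levkowetz.com": Probe("192.0.2.5", None),
}

if __name__ == "__main__":
    found, good = audit(PARENT_NS, CHILD_NS, PROBES)
    for problem, server in found:
        print(f"{problem:14} {server}")
    print("usable from parent referral:", usable_delegation(PARENT_NS, good))
```

In a scripted health check the `PROBES` dictionary would be filled from real queries run at each vantage point; the audit logic stays the same.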
From jra at baylink.com Wed Apr 4 15:45:57 2012
From: jra at baylink.com (Jay Ashworth)
Date: Wed, 4 Apr 2012 16:45:57 -0400 (EDT)
Subject: DNS issues with tools.ietf.org
In-Reply-To:
Message-ID: <24111986.10045.1333572357093.JavaMail.root@benjamin.baylink.com>
----- Original Message -----
> From: "Marco Davids (Prive)"
> Something seems wrong with the DNS of 'tools.ietf.org'.
>
> Can anyone confirm?
It's generally a good idea when asking this sort of question -- especially
here on NANOG, which is *not* Junior Varsity -- to present what you *expected*
to see, what you *saw*, and why you think that implies breakage outside your
facility.
Let me refer you to:
http://www.catb.org/~esr/faqs/smart-questions.html
and
http://www.chiark.greenend.org.uk/~sgtatham/bugs.html
which are the two standard reference works on the meta-topic here at hand.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
From bortzmeyer at nic.fr Wed Apr 4 15:49:22 2012
From: bortzmeyer at nic.fr (Stephane Bortzmeyer)
Date: Wed, 4 Apr 2012 22:49:22 +0200
Subject: DNS issues with tools.ietf.org
In-Reply-To: <29701_1333572054_4F7CB1D4_29701_15363_1_alpine.DEB.2.00.1204042234520.10770@xs.forfun.net>
References:
<20120404162850.23b14639@codestorm.org>
<4F7CAFAB.8010004@gmail.com>
<29701_1333572054_4F7CB1D4_29701_15363_1_alpine.DEB.2.00.1204042234520.10770@xs.forfun.net>
Message-ID: <20120404204922.GA11072@sources.org>
On Wed, Apr 04, 2012 at 10:35:34PM +0200,
Marco Davids (Prive) wrote
a message of 15 lines which said:
> And what about this:
But two name servers, gamay and shiraz still work. So the domain
works, so you can email the hostmaster :-)
From lstewart at superb.net Wed Apr 4 15:55:46 2012
From: lstewart at superb.net (Landon Stewart)
Date: Wed, 4 Apr 2012 13:55:46 -0700
Subject: SORBS?!
In-Reply-To: <4F7CA69F.9090206@b2b2c.ca>
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID:
On 4 April 2012 12:53, Chris Conn wrote:
> Hello,
>
> Is anyone from SORBS still listening? We have a few IP addresses here
> and there that are listed, one in particular that has been for a spam
> incident from over a year ago. The "last spam" date is 03/05/2011
> according to their lookup tools.
>
> We don't have access to their Net Manager even if our ARIN POC corresponds
> to the account on their system we opened a while ago. We use their ISP
> feedback form and never get any responses back.
>
> Is SORBS still relevant and functional?
>
I've been trying to login to their 'support' interface for a while now.
Emails from them for creating a new account or trying to recover a
password for an existing account don't actually come to me. I actually
wrote Girish from the company that purchased SORBS (Proofpoint) about it
(also CC'd here) and I have had no reply whatsoever either.
I think we should all just NULL ROUTE all of their IP space on our borders
to get their attention.
Regards,
Landon
From mdavids at forfun.net Wed Apr 4 16:05:02 2012
From: mdavids at forfun.net (Marco Davids (Prive))
Date: Wed, 4 Apr 2012 23:05:02 +0200 (CEST)
Subject: DNS issues with tools.ietf.org
In-Reply-To: <20120404204922.GA11072@sources.org>
References:
<20120404162850.23b14639@codestorm.org> <4F7CAFAB.8010004@gmail.com>
<29701_1333572054_4F7CB1D4_29701_15363_1_alpine.DEB.2.00.1204042234520.10770@xs.forfun.net>
<20120404204922.GA11072@sources.org>
Message-ID:
On Wed, 4 Apr 2012, Stephane Bortzmeyer wrote:
>> And what about this:
>
> But two name servers, gamay and shiraz still work. So the domain
> works
Actually it didn't resolve at all. Even an 'unbound-host -v -d'
failed.
But... things seem to be working fine again, at least to the extent that I
can reach the website.
--
Marco
From marshall.eubanks at gmail.com Wed Apr 4 16:08:15 2012
From: marshall.eubanks at gmail.com (Marshall Eubanks)
Date: Wed, 4 Apr 2012 17:08:15 -0400
Subject: DNS issues with tools.ietf.org
In-Reply-To: <20120404204922.GA11072@sources.org>
References:
<20120404162850.23b14639@codestorm.org>
<4F7CAFAB.8010004@gmail.com>
<29701_1333572054_4F7CB1D4_29701_15363_1_alpine.DEB.2.00.1204042234520.10770@xs.forfun.net>
<20120404204922.GA11072@sources.org>
Message-ID:
On Wed, Apr 4, 2012 at 4:49 PM, Stephane Bortzmeyer wrote:
> On Wed, Apr 04, 2012 at 10:35:34PM +0200,
> Marco Davids (Prive) wrote
> a message of 15 lines which said:
>
>> And what about this:
>
> But two name servers, gamay and shiraz still work. So the domain
> works, so you can email the hostmaster :-)
>
I have forwarded this thread to Henrik Levkowetz
Regards
Marshall
From jeroen at mompl.net Wed Apr 4 16:21:11 2012
From: jeroen at mompl.net (Jeroen van Aart)
Date: Wed, 04 Apr 2012 14:21:11 -0700
Subject: SORBS?!
In-Reply-To:
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID: <4F7CBB47.1010801@mompl.net>
Landon Stewart wrote:
> I think we should all just NULL ROUTE all of their IP space on our borders
> to get their attention.
Yeah you're free to do that, as well as complain about it and SORBS in
turn is free to put whatever the hell they feel like on their block
lists and not remove it at all, ever, for whatever reason.
One common theme I did notice in the countless and, dare I say, tiresome
complaints about SORBS is that it hardly ever helps and may even make it
worse.
It's best to not complain about it and just accept it as a fact of life
your IPs are listed on SORBS and move on. It's not the end of the world.
Greetings,
Jeroen
--
Earthquake Magnitude: 3.0
Date: Wednesday, April 4, 2012 20:59:13 UTC
Location: Baja California, Mexico
Latitude: 32.6142; Longitude: -115.8417
Depth: 2.90 km
From mikea at mikea.ath.cx Wed Apr 4 16:21:51 2012
From: mikea at mikea.ath.cx (Mike Andrews)
Date: Wed, 4 Apr 2012 16:21:51 -0500
Subject: SORBS?!
In-Reply-To:
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID: <20120404212151.GD25082@mikea.ath.cx>
On Wed, Apr 04, 2012 at 01:55:46PM -0700, Landon Stewart wrote:
> On 4 April 2012 12:53, Chris Conn wrote:
>
> > Hello,
> >
> > Is anyone from SORBS still listening? We have a few IP addresses here
> > and there that are listed, one in particular that has been for a spam
> > incident from over a year ago. The "last spam" date is 03/05/2011
> > according to their lookup tools.
> >
> > We don't have access to their Net Manager even if our ARIN POC corresponds
> > to the account on their system we opened a while ago. We use their ISP
> > feedback form and never get any responses back.
> >
> > Is SORBS still relevant and functional?
> >
>
> I've been trying to login to their 'support' interface for a while now.
> Emails from them for creating a new account or trying to recover a
> password for an existing account don't actually come to me. I actually
> wrote Girish from the company that purchased SORBS (Proofpoint) about it
> (also CC'd here) and I have had no reply whatsoever either.
>
> I think we should all just NULL ROUTE all of their IP space on our borders
> to get their attention.
By a happy coincidence, I got mail today from Scott Greco of Proofpoint,
asking if we could get together to discuss their products. I've replied
to that with a summary of this thread, and am Cc:ing him on this mail, as
well. Maybe we can get their attention, though past experience with SORBS
does not exactly imbue me with confidence.
--
Mike Andrews, W5EGO
mikea at mikea.ath.cx
Tired old sysadmin
From ahebert at pubnix.net Wed Apr 4 16:27:10 2012
From: ahebert at pubnix.net (Alain Hebert)
Date: Wed, 04 Apr 2012 17:27:10 -0400
Subject: SORBS?!
In-Reply-To:
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID: <4F7CBCAE.2090802@pubnix.net>
Hi,
We had an issue with one of our old subnets which was used as a
pool for dynamic dial-up in the past, which we now use for virtual hosting.
It took me a few hours but I was able to get it removed from
the DUHL list.
( And a few walks around the block to calm me down after dealing
with their robot =D ).
As for being removed from their SPAM RBL that might be another story..
Actually knowing Chris, and his outfit, that 18k request seems
unwarranted :(
As for SORBS, they have a ticket system at
http://support.sorbs.net/ which uses the same username/password as
https://www.us.sorbs.net. You can follow up there with your ticket #,
if their robot is being a bit too fascist.
( ecarbonel was the guy that helped us in our case )
PS: The ticketing system is not that fast, so be patient.
/wave Chris
-----
Alain Hebert ahebert at pubnix.net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443
On 04/04/12 16:55, Landon Stewart wrote:
> On 4 April 2012 12:53, Chris Conn wrote:
>
>> Hello,
>>
>> Is anyone from SORBS still listening? We have a few IP addresses here
>> and there that are listed, one in particular that has been for a spam
>> incident from over a year ago. The "last spam" date is 03/05/2011
>> according to their lookup tools.
>>
>> We don't have access to their Net Manager even if our ARIN POC corresponds
>> to the account on their system we opened a while ago. We use their ISP
>> feedback form and never get any responses back.
>>
>> Is SORBS still relevant and functional?
>>
> I've been trying to login to their 'support' interface for a while now.
> Emails from them for creating a new account or trying to recover a
> password for an existing account don't actually come to me. I actually
> wrote Girish from the company that purchased SORBS (Proofpoint) about it
> (also CC'd here) and I have had no reply whatsoever either.
>
> I think we should all just NULL ROUTE all of their IP space on our borders
> to get their attention.
>
> Regards,
> Landon
>
From lstewart at superb.net Wed Apr 4 16:36:09 2012
From: lstewart at superb.net (Landon Stewart)
Date: Wed, 4 Apr 2012 14:36:09 -0700
Subject: SORBS?!
In-Reply-To: <4F7CBB47.1010801@mompl.net>
References: <4F7CA69F.9090206@b2b2c.ca>
<4F7CBB47.1010801@mompl.net>
Message-ID:
On 4 April 2012 14:21, Jeroen van Aart wrote:
> Landon Stewart wrote:
>
>> I think we should all just NULL ROUTE all of their IP space on our borders
>> to get their attention.
>>
>
> Yeah you're free to do that, as well as complain about it and SORBS in
> turn is free to put whatever the hell they feel like on their block lists
> and not remove it at all, ever, for whatever reason.
>
The latter part of that sentence has already been confirmed for years now.
> It's best to not complain about it and just accept it as a fact of life
> your IPs are listed on SORBS and move on. It's not the end of the world.
>
It turns into a customer service issue for most service providers.
From lstewart at superb.net Wed Apr 4 16:39:04 2012
From: lstewart at superb.net (Landon Stewart)
Date: Wed, 4 Apr 2012 14:39:04 -0700
Subject: SORBS?!
In-Reply-To: <4F7CBCAE.2090802@pubnix.net>
References: <4F7CA69F.9090206@b2b2c.ca>
<4F7CBCAE.2090802@pubnix.net>
Message-ID:
On 4 April 2012 14:27, Alain Hebert wrote:
> As for SORBS, they have a ticket system at http://support.sorbs.net/ which uses the same username/password as
> https://www.us.sorbs.net. You can follow up there with your ticket #, if
> their robot is being a bit too fascist. ( ecarbonel was the guy that helped
> us in our case )
>
Yeah that's my main complaint right now is that we can't get into their
ticket system *or* register a new account for our AS. The new account
registration email never gets received for confirmation. The account we
used to use doesn't work despite it being somewhere around 7 years old.
> PS: The ticketing system is not that fast, so be patient.
>
It's better than it was a few months ago I must say. It was almost
absolutely unusably slow the last time I was in there probably late last
year some time.
---
Landon Stewart
Sr. Administrator
Systems Engineering
Superb Internet Corp - 888-354-6128 x 4199
Web hosting and more "Ahead of the Rest": www.superb.net
From cconn at b2b2c.ca Wed Apr 4 16:39:10 2012
From: cconn at b2b2c.ca (Chris Conn)
Date: Wed, 04 Apr 2012 17:39:10 -0400
Subject: SORBS?!
In-Reply-To:
References:
Message-ID: <4F7CBF7E.7010507@b2b2c.ca>
On 2012-04-04 17:33:
>
> Hi,
>
> Actually knowing Chris, and his outfit, that 18k request seems unwarranted :(
>
> As for SORBS, they have a ticket system at http://support.sorbs.net/ which uses the same username/password as https://www.us.sorbs.net. You can follow up there with your ticket #, if their robot is being a bit too fascist.
> ( ecarbonel was the guy that helped us in our case )
>
> PS: The ticketing system is not that fast, so be patient.
>
> /wave Chris
>
Hi Alain!
The 18K thing was another operator, but we have not had much luck. I
will give my attention to the ticket for now and wait until something
happens. It's not a crucial issue since from what I can tell it's mostly
a cosmetic thing (and a bit of a managerial pain to have to explain the
implications to a customer).
I have no beef with SORBS, we even rsync their zone on our DNS servers
so we can provide faster access to it to our customers that might use
it. However recently, getting listing action seems to fall into a void.
Cheers,
Chris
From amogh at cc.gatech.edu Wed Apr 4 17:41:19 2012
From: amogh at cc.gatech.edu (Amogh Dhamdhere)
Date: Wed, 4 Apr 2012 15:41:19 -0700
Subject: CAIDA's 2012 IPv6 survey -- need network operators to fill out
In-Reply-To: <20120313215614.GA39216@caida.org>
References: <20120313215614.GA39216@caida.org>
Message-ID:
Hello folks,
Thanks much to those of you who already completed our IPv6 deployment survey. We forgot to mention in the first email (though it's on the survey URL) that we are offering a free iPad to a randomly chosen survey respondent. Hopefully this is an additional incentive for more of you to fill out the survey :)
The survey URL once again: http://www.surveygizmo.com/s3/749797/ipv6survey
We will keep the survey open until April 20, 2012. Please let us know if you have questions/comments, or if you can chat with us for follow-up questions outside the survey.
Thanks,
Amogh, kc, Emile
On Mar 13, 2012, at 2:56 PM, k claffy wrote:
>
>
> [direct link to IPv6 operational deployment [plans] survey
> if you don't need background:
> http://www.surveygizmo.com/s3/749797/ipv6survey
> ]
>
> hello folks,
>
> we're trying to do some quantitative modeling of
> the IPv4->IPv6 transition, including the impact of
> IPv4 markets on likely future trajectories, but
> really need some empirical data to parametrize our model.
> with much help from many patient reviewers of the questions,
> we finally have a survey ready for operators to fill out.
>
> below i'll give an extremely terse description of the model
> just to give you an idea of why we need this granularity.
> there are another 10 dense pages describing the model pending
> peer review at NSF, which i can send to anyone interested in
> giving us feedback on it. but it's not necessary for
> responding to the survey. also note the checkbox to
> indicate you're amenable to further followup questions.
> survey will be available till 12 april 2012.
> (or tell us if you want to fill it out but need more time.)
>
> survey link, again:
> http://www.surveygizmo.com/s3/749797/ipv6survey
>
> thanks much,
> k, amogh, emile
>
> ------------------------------
>
> Most prior work on modeling the adoption of new technologies assumed a
> binary decision at the organization level -- in the context of
> IPv6, this decision means switching completely to IPv6 or not at
> all. We propose to account for the fact that an organization may
> deploy IPv6 incrementally in its network, meaning that it will
> continue to have both IPv4 and IPv6 space. A key aspect of our model
> is that instead of a binary state per organization, we work at the
> granularity of devices, which are entities that need to be
> assigned IP addresses. We consider a device to correspond to a single
> instance of an IP addressing need, which typically corresponds to an
> interface. Though there can be multiple interfaces (``devices'') on
> the same computer/router, and multiple addresses (``virtual
> interfaces'') on a single interface, we will model each need for an
> independent IP address as an independent device. We define device
> classes based on the nature of addresses used to number those devices,
> e.g., public IPv4, IPv6, dual-stack-NATv4, dual-stack-public-IPv4, etc.
> We model the network growth requirements of each network in terms
> of the number of additional devices in that network that need to
> be configured in one of these device classes.
>
> ... (then we catalog a list of costs and incentives associated with the
> decision to adopt IPv6 or satisfy one's addressing needs with IPv4-based
> technologies. costs parameters include the costs of IPv4 addresses, NAT
> deployment, renumbering, and translation between IPv4 and IPv6. we will
> also try to model incentives such as policies and regulations.)
>
> We will then model two separate decision processes for a network, based
> on whether it seeks to add new devices (to expand its network, provision
> for new customers, deploy new services, etc.), or whether it seeks to
> optimize the numbering of its existing devices from among the five
> device classes defined previously. The latter operation may be necessary
> if external factors and costs have changed such that the network could
> substantially lower its costs by numbering its devices differently. We
> want to structure the model (based on feedback from opsfolk like you)
> to capture both initial costs as well as ongoing operational costs of
> supporting a given configuration of devices for a specified window
> following the decision. Iteration of the decision process continues
> for each network until we reach a state where no network has the incentive
> to change the numbering of its devices, which represents the equilibrium.
> ....
>
From benc at brennanit.com.au Thu Apr 5 00:55:43 2012
From: benc at brennanit.com.au (Ben Cornish)
Date: Thu, 5 Apr 2012 15:55:43 +1000
Subject: Looking for North American Carriage providers
Message-ID: <0D7EE45B5EED4D44A97ED31496F8E9E65334E2709A@BRENSYD-MBX.brennanit.com.au>
Hi All,
I apologize for the Spam - We recently expanded into North America from Australia to service our Australian Clients with their international needs.
We are seeking a carrier or a few carriers that can provide us with layer 2 Ethernet services that have coverage to the majority of North America.
We are looking at the smaller services of 2 to 20mb area. Preferable handoff in Equinix-SV1 (San Jose) or 1 Wilshire (Coresite LA) as VLANs.
Seeking responses off list please.
Cheers.
Ben Cornish |Brennan IT| National Network Manager
T: 0732349302 Direct: 0282353520 | M: 0417617204 | mailto:benc at brennanit.com.au | www.brennanit.com.au
http://www.brennanit.com.au/press-release/brennan-it-named-1-managed-services-provider/
From sam.oduor at gmail.com Thu Apr 5 06:55:32 2012
From: sam.oduor at gmail.com (Sam Oduor)
Date: Thu, 5 Apr 2012 14:55:32 +0300
Subject: SORBS?!
In-Reply-To: <4F7CA69F.9090206@b2b2c.ca>
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID:
Some of the IPs I manage got blacklisted and it's true they were spamming
and Sorbs had a very valid reason for blacklisting them.
I got this response from sorbs after resolving the problem
amicably. Sorbs responded well on time.
Your request appear to have been resolved. If you have any
further questions or concerns, please respond to this message.
Please note:
If your IP address has been delisted (marked as 'Inactive'), it will
take up to 2 hours to get from the database to all the SORBS DNS
servers. Changes to the database are exported to the DNS zone files
periodically, not immediately after every change. Furthermore, after
the updated database contents have been exported to the DNS zone
files, it will then take up to 48 hours for the outdated DNS
information to be removed from DNS caches around the world - none
of these are in SORBS' control.
Please do not reply to this call with problems not related to
this ticket or your request will be ignored.
On Wed, Apr 4, 2012 at 10:53 PM, Chris Conn wrote:
>
> Hello,
>
> Is anyone from SORBS still listening? We have a few IP addresses here
> and there that are listed, one in particular that has been for a spam
> incident from over a year ago. The "last spam" date is 03/05/2011
> according to their lookup tools.
>
> We don't have access to their Net Manager even if our ARIN POC corresponds
> to the account on their system we opened a while ago. We use their ISP
> feedback form and never get any responses back.
>
> Is SORBS still relevant and functional?
>
> Sincerely,
>
> Chris Conn
> B2B2C.ca
>
>
--
Samson Oduor
From drew.weaver at thenap.com Thu Apr 5 10:56:27 2012
From: drew.weaver at thenap.com (Drew Weaver)
Date: Thu, 5 Apr 2012 11:56:27 -0400
Subject: SORBS?!
In-Reply-To:
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID:
Now, if we could only teach Senderbase that if their customers receive 'questionable' smtp traffic from 1 IP address in a /24 it doesn't mean that all IP addresses in that /24 are malicious we'd really be living it up in 2012.
-----Original Message-----
From: Sam Oduor [mailto:sam.oduor at gmail.com]
Sent: Thursday, April 05, 2012 7:56 AM
To: Chris Conn
Cc: nanog at nanog.org
Subject: Re: SORBS?!
Some of the IPs I manage got blacklisted and it's true they were spamming and Sorbs had a very valid reason for blacklisting them.
I got this response from sorbs after resolving the problem amicably. Sorbs responded well on time.
Your request appear to have been resolved. If you have any further questions or concerns, please respond to this message.
Please note:
If your IP address has been delisted (marked as 'Inactive'), it will take up to 2 hours to get from the database to all the SORBS DNS servers. Changes to the database are exported to the DNS zone files periodically, not immediately after every change. Furthermore, after the updated database contents have been exported to the DNS zone files, it will then take up to 48 hours for the outdated DNS information to be removed from DNS caches around the world - none of these are in SORBS' control.
Please do not reply to this call with problems not related to this ticket or your request will be ignored.
On Wed, Apr 4, 2012 at 10:53 PM, Chris Conn wrote:
>
> Hello,
>
> Is anyone from SORBS still listening? We have a few IP addresses here
> and there that are listed, one in particular that has been for a spam
> incident from over a year ago. The "last spam" date is 03/05/2011
> according to their lookup tools.
>
> We don't have access to their Net Manager even if our ARIN POC
> corresponds to the account on their system we opened a while ago. We
> use their ISP feedback form and never get any responses back.
>
> Is SORBS still relevant and functional?
>
> Sincerely,
>
> Chris Conn
> B2B2C.ca
>
>
--
Samson Oduor
From esavage at digitalrage.org Thu Apr 5 11:41:13 2012
From: esavage at digitalrage.org (Elijah Savage)
Date: Thu, 5 Apr 2012 12:41:13 -0400 (EDT)
Subject: SIP Carrier Consolidation
Message-ID: <13733103.140.1333644073293.JavaMail.root@ubuntu.digitalrage.org>
Anyone here that have gone through the process of SIP trunking consolidation care to comment offline on
Whom do you utilize?
What has been your experience operationally?
What was your experience during transition/implementation?
Thank you ahead of time.
From goemon at anime.net Thu Apr 5 11:48:15 2012
From: goemon at anime.net (goemon at anime.net)
Date: Thu, 5 Apr 2012 09:48:15 -0700 (PDT)
Subject: SORBS?!
In-Reply-To:
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID:
This is often the only way to get people's attention and get action.
Providers don't care about individual /32's and will let them sit around
and spew Nigerian scams and pill spams without any consequences.
But they will care about a /24.
-Dan
On Thu, 5 Apr 2012, Drew Weaver wrote:
> Now, if we could only teach Senderbase that if their customers receive 'questionable' smtp traffic from 1 IP address in a /24 it doesn't mean that all IP addresses in that /24 are malicious we'd really be living it up in 2012.
>
>
>
> -----Original Message-----
> From: Sam Oduor [mailto:sam.oduor at gmail.com]
> Sent: Thursday, April 05, 2012 7:56 AM
> To: Chris Conn
> Cc: nanog at nanog.org
> Subject: Re: SORBS?!
>
> Some of the IPs I manage got blacklisted and it's true they were spamming and SORBS had a very valid reason for blacklisting them.
>
> I got this response from SORBS after resolving the problem amicably. SORBS responded well on time.
>
> Your request appears to have been resolved. If you have any further questions or concerns, please respond to this message.
>
> Please note:
>
> If your IP address has been delisted (marked as 'Inactive'), it will take up to 2 hours to get from the database to all the SORBS DNS servers. Changes to the database are exported to the DNS zone files periodically, not immediately after every change. Furthermore, after the updated database contents have been exported to the DNS zone files, it will then take up to 48 hours for the outdated DNS information to be removed from DNS caches around the world - none of these are in SORBS' control.
>
> Please do not reply to this call with problems not related to this ticket or your request will be ignored.
>
> On Wed, Apr 4, 2012 at 10:53 PM, Chris Conn wrote:
>>
>> Hello,
>>
>> Is anyone from SORBS still listening? We have a few IP addresses here
>> and there that are listed, one in particular that has been for a spam
>> incident from over a year ago. The "last spam" date is 03/05/2011
>> according to their lookup tools.
>>
>> We don't have access to their Net Manager even if our ARIN POC
>> corresponds to the account on their system we opened a while ago. We
>> use their ISP feedback form and never get any responses back.
>>
>> Is SORBS still relevant and functional?
>>
>> Sincerely,
>>
>> Chris Conn
>> B2B2C.ca
>>
>>
>
>
> --
> Samson Oduor
>
>
From lstewart at superb.net Thu Apr 5 12:06:03 2012
From: lstewart at superb.net (Landon Stewart)
Date: Thu, 5 Apr 2012 10:06:03 -0700
Subject: SORBS?!
In-Reply-To:
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID:
>
> On Thu, 5 Apr 2012, Drew Weaver wrote:
>
>> Now, if we could only teach Senderbase that if their customers receive
>> 'questionable' smtp traffic from 1 IP address in a /24 it doesn't mean that
>> all IP addresses in that /24 are malicious we'd really be living it up in
>> 2012.
>>
On 5 April 2012 09:48, wrote:
> This is often the only way to get people's attention and get action.
>
> Providers don't care about individual /32's and will let them sit around
> and spew Nigerian scams and pill spams without any consequences.
>
> But they will care about a /24.
>
> -Dan
>
If the purpose of a blacklist is to block spam for recipients using that
blacklist then a /32 works. If the purpose of a blacklist is to annoy
providers then a /24 works. The most reputable and useful blacklists IMHO
are Spamhaus and Spamcop - they don't block /24s. Spamhaus sometimes does
if your rwhois shows that a large amount of the /24 is owned by the
offending party but generally they don't. In my opinion a blacklist is
useful when it notifies a provider of a listing, provides the reason for
the listing and gives you a way to remove the listing.
Spamhaus encourages companies to resolve all the issues while only blocking
/32s by showing all the listings under your responsibility and making it nice
to see that list empty. Pretty simple. Incidentally SORBS usually blocks
/24s and, as far as I know, provides no way for you to look up all listings
under a provider's responsibility (by AS or otherwise).
Incidentally, I have yet to see anything from Proofpoint, SORBS or their
support system regarding the access issues we are having to their system.
If anyone has another contact at Proofpoint other than Girish I'd
appreciate knowing what it is.
---
Landon Stewart
Sr. Administrator
Systems Engineering
Superb Internet Corp - 888-354-6128 x 4199
Web hosting and more "Ahead of the Rest": www.superb.net
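The /32-versus-/24 trade-off discussed in this message, seen from the provider side, as an added example that is not part of any poster's message or any blocklist's own tooling. It runs offline on constructed data (documentation address ranges); the zone `dnsbl.example` and all function names are hypothetical. It lists the entries that fall inside a provider's address space and counts the collateral mail hosts under each listing policy.

```python
import ipaddress

# Constructed sample data: documentation ranges, not real listings.
PROVIDER_PREFIXES = ["198.51.100.0/24", "203.0.113.0/24"]   # space we answer for
MAIL_HOSTS = ["198.51.100.10", "198.51.100.37", "198.51.100.200",
              "203.0.113.5", "203.0.113.25"]                # hosts that send mail
OFFENDERS = ["198.51.100.37"]                               # the host that spammed
FOREIGN_LISTINGS = ["192.0.2.77/32"]                        # not in our space


def dnsbl_query_name(ip, zone):
    """Name a DNSBL client looks up for an IPv4 address: reversed octets + zone
    (the convention documented in RFC 5782)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def list_offenders(offenders, prefixlen):
    """Model a list's policy: /32 lists only the offender, /24 its whole block."""
    nets = {ipaddress.ip_network(f"{ip}/{prefixlen}", strict=False)
            for ip in offenders}
    return [str(n) for n in sorted(nets)]


def listings_under(provider_prefixes, listings):
    """Listings that overlap address space the provider is responsible for."""
    ours = [ipaddress.ip_network(p) for p in provider_prefixes]
    hits = sorted(ipaddress.ip_network(entry) for entry in listings)
    return [str(net) for net in hits if any(net.overlaps(n) for n in ours)]


def impact(listings, hosts, offenders):
    """Split the mail hosts a set of listings blocks into offenders and collateral."""
    nets = [ipaddress.ip_network(entry) for entry in listings]
    bad = {ipaddress.ip_address(o) for o in offenders}
    blocked = sorted(h for h in map(ipaddress.ip_address, hosts)
                     if any(h in n for n in nets))
    return {
        "offenders": [str(h) for h in blocked if h in bad],
        "collateral": [str(h) for h in blocked if h not in bad],
    }


if __name__ == "__main__":
    for plen in (32, 24):
        listings = list_offenders(OFFENDERS, plen) + FOREIGN_LISTINGS
        mine = listings_under(PROVIDER_PREFIXES, listings)
        print(f"/{plen} policy: listings in our space {mine}")
        print("  impact:", impact(mine, MAIL_HOSTS, OFFENDERS))
        for host in MAIL_HOSTS[:2]:
            print("  query name:", dnsbl_query_name(host, "dnsbl.example"))
```

With the constructed data, the /32 policy blocks only the offending host, while the /24 policy also blocks the two clean mail hosts that share its block.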
From georgeb at gmail.com Thu Apr 5 12:26:11 2012
From: georgeb at gmail.com (George B.)
Date: Thu, 5 Apr 2012 10:26:11 -0700
Subject: Quad-A records in Network Solutions ?
In-Reply-To: <4F74485F.3040401@gmail.com>
References:
<4F735B1B.4030909@deaddrop.org> <4F735CAC.2010700@gmail.com>
<4f73d08d.c4c52a0a.5a34.4638SMTPIN_ADDED@mx.google.com>
<4F74485F.3040401@gmail.com>
Message-ID:
On Thu, Mar 29, 2012 at 4:32 AM, Matt Ryanczak wrote:
> I too had AAAA with nesol years ago. It required special phone calls to
> special people to update. Customer support never knew what was going on
> regarding AAAA or IPvWhat?.
>
> I suspect all of the people there that know about these types of things have
> moved on. Netsol has been leaking people since their sale to web.com last
> year, from actual layoffs and fear of the same.
>
> ~matt
How long did it take them? We have had a request in for AAAA records
for a domain for over a week now, and nothing in whois yet.
From rs at seastrom.com Thu Apr 5 12:44:22 2012
From: rs at seastrom.com (Robert E. Seastrom)
Date: Thu, 05 Apr 2012 13:44:22 -0400
Subject: SIP Carrier Consolidation
In-Reply-To: <13733103.140.1333644073293.JavaMail.root@ubuntu.digitalrage.org> (Elijah
Savage's message of "Thu, 5 Apr 2012 12:41:13 -0400 (EDT)")
References: <13733103.140.1333644073293.JavaMail.root@ubuntu.digitalrage.org>
Message-ID: <867gxudqfd.fsf@seastrom.com>
"SIP trunking consolidation" is buzzword heavy and context-light.
What problem are you trying to solve and at what scale? Do you have a
requirement to have the provider be a traditional TDM-based
organization or is an aggregator sufficient? How price-sensitive are
you?
At fairly small scale (10 DIDs including some 877 numbers, feeding to
Asterisk) I've had fine luck with http://voip.ms/
But your requirements may vary...
-r
Elijah Savage writes:
> Anyone here that has gone through the process of SIP trunking consolidation care to comment offline on:
>
> Whom do you utilize?
> What has been your experience operationally?
> What was your experience during transition/implementation?
>
> Thank you ahead of time.
From nick at foobar.org Thu Apr 5 12:45:30 2012
From: nick at foobar.org (Nick Hilliard)
Date: Thu, 05 Apr 2012 18:45:30 +0100
Subject: SORBS?!
In-Reply-To:
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID: <4F7DDA3A.4080406@foobar.org>
On 05/04/2012 17:48, goemon at anime.net wrote:
> But they will care about a /24.
I'm curious as to why they would want to stop at /24. If you're going to
take the shotgun approach, why not blacklist the entire ASN?
Nick
From paul4004 at gmail.com Thu Apr 5 13:01:02 2012
From: paul4004 at gmail.com (PC)
Date: Thu, 5 Apr 2012 12:01:02 -0600
Subject: SORBS?!
In-Reply-To: <4F7DDA3A.4080406@foobar.org>
References: <4F7CA69F.9090206@b2b2c.ca>
<4F7DDA3A.4080406@foobar.org>
Message-ID:
That's probably a better idea.
I moved "into" a /24 IP block that was SWIPed to me that they reported was
"dynamic cable/DSL users" (no spam history, mind you). Didn't matter, I
couldn't send e-mail.
When trying to get it delisted I had a TTL on the zone that was
"incompatible" with their standards (for DR failover purposes) and was
unwilling to maintain a TTL of however many hours they wanted as it didn't
fit the company's requirements.
I ended up just getting a new IP block from the ISP as they gave up on
resolving it too. Kind of a waste, but it worked. I relocated to there
instead.
1 year later they updated my ticket and delisted it.
On Thu, Apr 5, 2012 at 11:45 AM, Nick Hilliard wrote:
> On 05/04/2012 17:48, goemon at anime.net wrote:
> > But they will care about a /24.
>
> I'm curious as to why they would want to stop at /24. If you're going to
> take the shotgun approach, why not blacklist the entire ASN?
>
> Nick
>
>
From esavage at digitalrage.org Thu Apr 5 13:09:20 2012
From: esavage at digitalrage.org (Elijah Savage)
Date: Thu, 5 Apr 2012 14:09:20 -0400 (EDT)
Subject: SIP Carrier Consolidation
In-Reply-To: <867gxudqfd.fsf@seastrom.com>
Message-ID: <8456958.164.1333649360104.JavaMail.root@ubuntu.digitalrage.org>
Thank you for the reply.
Yes, an aggregator, large deployment.
Initially this is discovery; though price is always important, it is mostly about understanding operations and implementation at this point.
----- Original Message -----
From: "Robert E. Seastrom"
To: "Elijah Savage"
Cc: "NANOG list"
Sent: Thursday, April 5, 2012 1:44:22 PM
Subject: Re: SIP Carrier Consolidation
"SIP trunking consolidation" is buzzword heavy and context-light.
What problem are you trying to solve and at what scale? Do you have a
requirement to have the provider be a traditional TDM-based
organization or is an aggregator sufficient? How price-sensitive are
you?
At fairly small scale (10 DIDs including some 877 numbers, feeding to
Asterisk) I've had fine luck with http://voip.ms/
But your requirements may vary...
-r
Elijah Savage writes:
> Anyone here that has gone through the process of SIP trunking consolidation care to comment offline on:
>
> Whom do you utilize?
> What has been your experience operationally?
> What was your experience during transition/implementation?
>
> Thank you ahead of time.
From daryl at introspect.net Thu Apr 5 19:51:45 2012
From: daryl at introspect.net (Daryl G. Jurbala)
Date: Thu, 5 Apr 2012 20:51:45 -0400
Subject: SIP Carrier Consolidation
In-Reply-To: <8456958.164.1333649360104.JavaMail.root@ubuntu.digitalrage.org>
References: <8456958.164.1333649360104.JavaMail.root@ubuntu.digitalrage.org>
Message-ID:
I have to respond with the sentiments of Robert: "large" is a very relative term. Also, are we talking about origination or termination here? How many minutes a day of each? What's your ACD? What are your top destinations? If it's bursty like a call center how many concurrent calls?
You can't get any real answers without providing relevant information.
On Apr 5, 2012, at 2:09 PM, Elijah Savage wrote:
> Thank you for the reply.
>
> Yes, an aggregator, large deployment.
>
> Initially this is discovery; though price is always important, it is mostly about understanding operations and implementation at this point.
From bmanning at vacation.karoshi.com Thu Apr 5 23:37:46 2012
From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com)
Date: Fri, 6 Apr 2012 04:37:46 +0000
Subject: Quad-A records in Network Solutions ?
In-Reply-To:
References:
<4F735B1B.4030909@deaddrop.org> <4F735CAC.2010700@gmail.com>
<4f73d08d.c4c52a0a.5a34.4638SMTPIN_ADDED@mx.google.com>
<4F74485F.3040401@gmail.com>
Message-ID: <20120406043746.GA4766@vacation.karoshi.com.>
On Thu, Apr 05, 2012 at 10:26:11AM -0700, George B. wrote:
> On Thu, Mar 29, 2012 at 4:32 AM, Matt Ryanczak wrote:
>
> > I too had AAAA with nesol years ago. It required special phone calls to
> > special people to update. Customer support never knew what was going on
> > regarding AAAA or IPvWhat?.
> >
> > I suspect all of the people there that know about these types of things have
> > moved on. Netsol has been leaking people since their sale to web.com last
> > year, from actual layoffs and fear of the same.
> >
> > ~matt
>
> How long did it take them? We have had a request in for AAAA records
> for a domain for over a week now, and nothing in whois yet.
2002, it took 3hrs.
/bill
From drew.weaver at thenap.com Fri Apr 6 06:31:47 2012
From: drew.weaver at thenap.com (Drew Weaver)
Date: Fri, 6 Apr 2012 07:31:47 -0400
Subject: SORBS?!
In-Reply-To:
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID:
That's just not true, we would much rather be notified of something that a reputation list finds objectionable and take it down ourselves than have Senderbase set a poor reputation on dozens of IaaS customers.
-Drew
-----Original Message-----
From: goemon at anime.net [mailto:goemon at anime.net]
Sent: Thursday, April 05, 2012 12:48 PM
To: Drew Weaver
Cc: 'Sam Oduor'; Chris Conn; nanog at nanog.org
Subject: RE: SORBS?!
This is often the only way to get people's attention and get action.
Providers don't care about individual /32's and will let them sit around and spew Nigerian scams and pill spams without any consequences.
But they will care about a /24.
-Dan
On Thu, 5 Apr 2012, Drew Weaver wrote:
> Now, if we could only teach Senderbase that if their customers receive 'questionable' smtp traffic from 1 IP address in a /24 it doesn't mean that all IP addresses in that /24 are malicious we'd really be living it up in 2012.
>
>
>
> -----Original Message-----
> From: Sam Oduor [mailto:sam.oduor at gmail.com]
> Sent: Thursday, April 05, 2012 7:56 AM
> To: Chris Conn
> Cc: nanog at nanog.org
> Subject: Re: SORBS?!
>
> Some of the IPs I manage got blacklisted and it's true they were spamming and SORBS had a very valid reason for blacklisting them.
>
> I got this response from SORBS after resolving the problem amicably. SORBS responded well on time.
>
> Your request appears to have been resolved. If you have any further questions or concerns, please respond to this message.
>
> Please note:
>
> If your IP address has been delisted (marked as 'Inactive'), it will take up to 2 hours to get from the database to all the SORBS DNS servers. Changes to the database are exported to the DNS zone files periodically, not immediately after every change. Furthermore, after the updated database contents have been exported to the DNS zone files, it will then take up to 48 hours for the outdated DNS information to be removed from DNS caches around the world - none of these are in SORBS' control.
>
> Please do not reply to this call with problems not related to this ticket or your request will be ignored.
>
> On Wed, Apr 4, 2012 at 10:53 PM, Chris Conn wrote:
>>
>> Hello,
>>
>> Is anyone from SORBS still listening? We have a few IP addresses here
>> and there that are listed, one in particular that has been for a spam
>> incident from over a year ago. The "last spam" date is 03/05/2011
>> according to their lookup tools.
>>
>> We don't have access to their Net Manager even if our ARIN POC
>> corresponds to the account on their system we opened a while ago. We
>> use their ISP feedback form and never get any responses back.
>>
>> Is SORBS still relevant and functional?
>>
>> Sincerely,
>>
>> Chris Conn
>> B2B2C.ca
>>
>>
>
>
> --
> Samson Oduor
>
>
From vincent.ferran-lacome at bnpparibas.com Fri Apr 6 07:28:19 2012
From: vincent.ferran-lacome at bnpparibas.com (vincent.ferran-lacome at bnpparibas.com)
Date: Fri, 6 Apr 2012 14:28:19 +0200
Subject: AUTO: Vincent FERRAN-LACOME is absent. (back 16/04/2012)
Message-ID:
I am out of the office until 16/04/2012.
I am currently out of office.
If necessary, please forward your messages to the CSIRT team:
csirt at bnpparibas.com
+33 1 40 14 26 95 (office hours UTC +1/+2)
Note: this is an automatic reply to your message "NANOG Digest,
Vol 51, Issue 11" sent on 6/4/12 13:31:56.
This is the only notification you will receive while this person is
away.
From Valdis.Kletnieks at vt.edu Fri Apr 6 08:48:11 2012
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Fri, 06 Apr 2012 09:48:11 -0400
Subject: SORBS?!
In-Reply-To: Your message of "Fri, 06 Apr 2012 07:31:47 -0400."
References: <4F7CA69F.9090206@b2b2c.ca>
Message-ID: <30556.1333720091@turing-police.cc.vt.edu>
On Fri, 06 Apr 2012 07:31:47 -0400, Drew Weaver said:
> That's just not true, we would much rather be notified of something that a
> reputation list finds objectionable and take it down ourselves than have
> Senderbase set a poor reputation on dozens of IaaS customers.
If it was industry-wide standard practice that just notifying a provider resulted
in something being done, we'd not need things like Senderbase, which is after
all basically a list of people who don't take action when notified...
From drew.weaver at thenap.com Fri Apr 6 08:55:35 2012
From: drew.weaver at thenap.com (Drew Weaver)
Date: Fri, 6 Apr 2012 09:55:35 -0400
Subject: SORBS?!
In-Reply-To: <30556.1333720091@turing-police.cc.vt.edu>
References: <4F7CA69F.9090206@b2b2c.ca>
<30556.1333720091@turing-police.cc.vt.edu>
Message-ID:
That is again, not true.
Senderbase's listings don't correlate to any public information so it's pretty much impossible to pro-actively protect ourselves from having our IPs set to poor.
I.e. when Senderbase assigns IPs to poor, those same IPs aren't listed on any RBLs or anything.
They operate in a vacuum where there is no visibility into why they do anything. Unlike organizations like Spamhaus where you know exactly why IPs are listed.
Thanks,
-Drew
-----Original Message-----
From: Valdis.Kletnieks at vt.edu [mailto:Valdis.Kletnieks at vt.edu]
Sent: Friday, April 06, 2012 9:48 AM
To: Drew Weaver
Cc: 'goemon at anime.net'; nanog at nanog.org
Subject: Re: SORBS?!
On Fri, 06 Apr 2012 07:31:47 -0400, Drew Weaver said:
> That's just not true, we would much rather be notified of something
> that a reputation list finds objectionable and take it down ourselves
> than have Senderbase set a poor reputation on dozens of IaaS customers.
If it was industry-wide standard practice that just notifying a provider resulted in something being done, we'd not need things like Senderbase, which is after all basically a list of people who don't take action when notified...
From ryanczak at gmail.com Fri Apr 6 09:00:35 2012
From: ryanczak at gmail.com (Matt Ryanczak)
Date: Fri, 06 Apr 2012 10:00:35 -0400
Subject: Quad-A records in Network Solutions ?
In-Reply-To:
References:
<4F735B1B.4030909@deaddrop.org> <4F735CAC.2010700@gmail.com>
<4f73d08d.c4c52a0a.5a34.4638SMTPIN_ADDED@mx.google.com>
<4F74485F.3040401@gmail.com>
Message-ID: <4F7EF703.8090407@gmail.com>
On 4/5/12 1:26 PM, George B. wrote:
> How long did it take them? We have had a request in for AAAA records
> for a domain for over a week now, and nothing in whois yet.
Between a couple of hours and 5 to 10 business days. The long lead
times came when I no longer had direct contacts and had to go through
the helpdesk.
From esavage at digitalrage.org Fri Apr 6 09:42:31 2012
From: esavage at digitalrage.org (Elijah Savage)
Date: Fri, 6 Apr 2012 10:42:31 -0400 (EDT)
Subject: SIP Carrier Consolidation
In-Reply-To:
Message-ID: <28030947.174.1333723351436.JavaMail.root@ubuntu.digitalrage.org>
Thanks to all who responded off list, even to those that are interested in the opportunity, I do appreciate it.
----- Original Message -----
From: "Daryl G. Jurbala"
To: "Elijah Savage"
Cc: "Robert E. Seastrom" , "NANOG list"
Sent: Thursday, April 5, 2012 8:51:45 PM
Subject: Re: SIP Carrier Consolidation
I have to respond with the sentiments of Robert: "large" is a very relative term. Also, are we talking about origination or termination here? How many minutes a day of each? What's your ACD? What are your top destinations? If it's bursty like a call center how many concurrent calls?
You can't get any real answers without providing relevant information.
On Apr 5, 2012, at 2:09 PM, Elijah Savage wrote:
> Thank you for the reply.
>
> Yes, an aggregator, large deployment.
>
> Initially this is discovery; though price is always important, it is mostly about understanding operations and implementation at this point.
From bruns at 2mbit.com Fri Apr 6 09:54:49 2012
From: bruns at 2mbit.com (Brielle Bruns)
Date: Fri, 06 Apr 2012 08:54:49 -0600
Subject: SORBS?!
In-Reply-To:
References: <4F7CA69F.9090206@b2b2c.ca>
<4F7CBB47.1010801@mompl.net>
Message-ID: <4F7F03B9.80400@2mbit.com>
On 4/4/12 3:36 PM, Landon Stewart wrote:
>> It's best to not complain about it and just accept it as a fact of life
>> your IPs are listed on SORBS and move on. It's not the end of the world.
>>
> It turns into a customer service issue for most service providers.
Eh, guess they'll just have to absorb the cost of that, like it's
expected that the recipients of spam have to absorb the cost of ISPs not
disconnecting infected/spamming customers...
And like how I have to absorb the costs of spending my time during the
day answering removal requests from people who lie to me constantly and
hope that I don't notice their little games.
Ever wonder why it takes time for DNSbl's to process removals, sometimes
very long periods? Well, someone's gotta pay for that time the removal
person does it (and I have yet to see a dime of compensation for the
time I spend).
--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org / http://www.ahbl.org
From patrick at ianai.net Fri Apr 6 10:02:32 2012
From: patrick at ianai.net (Patrick W. Gilmore)
Date: Fri, 6 Apr 2012 11:02:32 -0400
Subject: SORBS?!
In-Reply-To: <4F7F03B9.80400@2mbit.com>
References: <4F7CA69F.9090206@b2b2c.ca>
<4F7CBB47.1010801@mompl.net>
<4F7F03B9.80400@2mbit.com>
Message-ID:
On Apr 6, 2012, at 10:54 , Brielle Bruns wrote:
> On 4/4/12 3:36 PM, Landon Stewart wrote:
>
>>>> It's best to not complain about it and just accept it as a fact of life
>>>> your IPs are listed on SORBS and move on. It's not the end of the world.
>>>>
>> It turns into a customer service issue for most service providers.
>
> Eh, guess they'll just have to absorb the cost of that, like it's expected that the recipients of spam have to absorb the cost of ISPs not disconnecting infected/spamming customers...
>
> And like how I have to absorb the costs of spending my time during the day answering removal requests from people who lie to me constantly and hope that I don't notice their little games.
>
> Ever wonder why it takes time for DNSbl's to process removals, sometimes very long periods? Well, someone's gotta pay for that time the removal person does it (and I have yet to see a dime of compensation for the time I spend).
No, they don't. Many DNSBLs use self-service tools. Someone has to write the tool, but the rest is automated. Total cost is power & space, which is frequently donated (I have personally donated some myself to DNSBLs I thought were well run).
Besides, anyone who knowingly causes harm to a third party and claims "it is a cost of doing business" or "mostly people like it" or "our $FOO is targeted and almost always correct, you must be an outlier and that's why it costs you" sounds -exactly- like spammers to me.
Spammers who are up-front about it I can deal with. Don't agree with or even like them, but at least we understand each other. Hypocrisy is a different story.
--
TTFN,
patrick
From bruns at 2mbit.com Fri Apr 6 10:37:13 2012
From: bruns at 2mbit.com (Brielle Bruns)
Date: Fri, 06 Apr 2012 09:37:13 -0600
Subject: SORBS?!
In-Reply-To:
References: <4F7CA69F.9090206@b2b2c.ca>
<4F7CBB47.1010801@mompl.net>
<4F7F03B9.80400@2mbit.com>
Message-ID: <4F7F0DA9.2010607@2mbit.com>
On 4/6/12 9:02 AM, Patrick W. Gilmore wrote:
> No, they don't. Many DNSBLs use self-service tools. Someone has to
> write the tool, but the rest is automated. Total cost is power &
> space, which is frequently donated (I have personally donated some
> myself to DNSBLs I thought were well run).
Proxy removals and automated additions are self service removals. I
don't trust automated removal for stuff that we add by hand. Too many
variables, too much in the way of games...
If I were to let the people in spam-sources request removal and handle
removal entirely on their own without one of us reviewing it by hand,
there'd be no entries left in my database.
>
> Besides, anyone who knowingly causes harm to a third party and claims
> "it is a cost of doing business" or "mostly people like it" or "our
> $FOO is targeted and almost always correct, you must be an outlier
> and that's why it costs you" sounds -exactly- like spammers to me.
I was more pointing out to people that you expect someone else, who
you've got no contractual obligation with, or relationship with, to make
time and effort to handle a request you made.
All I hear these days from people is that I have no right to tell them
who they can have as customers, or how to run their business.
Well, the reverse applies as well. I take great offense to people
telling me how to run my own service, that I provide free at no charge
with no obligations.
When a provider actually works with me to resolve an issue, I bend over
backwards to help them. Unfortunately, those kinds of providers are few
and far in between.
>
> Spammers who are up-front about it I can deal with. Don't agree with
> or even like them, but at least we understand each other. Hypocrisy
> is a different story.
Unfortunately, the apathy of providers, backbones, and network operators
in general has created an environment that the almighty buck rules
everything.
Yeah, I've had offers for financial support of the AHBL. Turned them
down every time, even though it would give me a chance to hire actual
people to run it. But, then, I'd have someone hanging over my
shoulder, pulling strings and interfering with my project. My
independence goes out the window, and I can't truly say I have no
financial interest in the listings.
So, forgive me if my independence as a non-commercial DNSbl makes me
somewhat jaded towards people who expect me to prioritize their demands
over what pays the bills.
--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org / http://www.ahbl.org
From george.herbert at gmail.com Fri Apr 6 10:49:13 2012
From: george.herbert at gmail.com (George Herbert)
Date: Fri, 6 Apr 2012 08:49:13 -0700
Subject: SORBS?!
In-Reply-To: <4F7F0DA9.2010607@2mbit.com>
References: <4F7CA69F.9090206@b2b2c.ca>
<4F7CBB47.1010801@mompl.net>
<4F7F03B9.80400@2mbit.com>
<4F7F0DA9.2010607@2mbit.com>
Message-ID:
This seems like a very 1999 anti-spam attitude.
I have been doing anti-spam a long long time - literally since before Canter and Siegel (who I had as customers...) and before jj at cup.portal.com.
It's not 1999 anymore. Patrick is not the enemy. Your attitude is worrying. The "I am not responsible for who uses the blacklist or what that means" isn't good enough anymore.
George William Herbert
Sent from my iPhone
On Apr 6, 2012, at 8:37, Brielle Bruns wrote:
> On 4/6/12 9:02 AM, Patrick W. Gilmore wrote:
>> No, they don't. Many DNSBLs use self-service tools. Someone has to
>> write the tool, but the rest is automated. Total cost is power &
>> space, which is frequently donated (I have personally donated some
>> myself to DNSBLs I thought were well run).
>
>
> Proxy removals and automated additions are self service removals. I don't trust automated removal for stuff that we add by hand. Too many variables, too much in the way of games...
>
> If I were to let the people in spam-sources request removal and handle removal entirely on their own without one of us reviewing it by hand, there'd be no entries left in my database.
>
>>
>> Besides, anyone who knowingly causes harm to a third party and claims
>> "it is a cost of doing business" or "mostly people like it" or "our
>> $FOO is targeted and almost always correct, you must be an outlier
>> and that's why it costs you" sounds -exactly- like spammers to me.
>
>
> I was more pointing out to people that you expect someone else, who you've got no contractual obligation with, or relationship with, to make time and effort to handle a request you made.
>
> All I hear these days from people is that I have no right to tell them who they can have as customers, or how to run their business.
>
> Well, the reverse applies as well. I take great offense to people telling me how to run my own service, that I provide free at no charge with no obligations.
>
> When a provider actually works with me to resolve an issue, I bend over backwards to help them. Unfortunately, those kinds of providers are few and far in between.
>
>>
>> Spammers who are up-front about it I can deal with. Don't agree with
>> or even like them, but at least we understand each other. Hypocrisy
>> is a different story.
>
>
> Unfortunately, the apathy of providers, backbones, and network operators in general has created an environment that the almighty buck rules everything.
>
> Yeah, I've had offers for financial support of the AHBL. Turned them down every time, even though it would give me a chance to hire actual people to run it. But, then, I'd have someone hanging over my shoulder, pulling strings and interfering with my project. My independence goes out the window, and I can't truly say I have no financial interest in the listings.
>
>
> So, forgive me if my independence as a non-commercial DNSbl makes me somewhat jaded towards people who expect me to prioritize their demands over what pays the bills.
>
> --
> Brielle Bruns
> The Summit Open Source Development Group
> http://www.sosdg.org / http://www.ahbl.org
>
From mike at mtcc.com Fri Apr 6 11:02:09 2012
From: mike at mtcc.com (Michael Thomas)
Date: Fri, 06 Apr 2012 09:02:09 -0700
Subject: SORBS?!
In-Reply-To:
References: <4F7CA69F.9090206@b2b2c.ca>
<4F7CBB47.1010801@mompl.net>
<4F7F03B9.80400@2mbit.com>